Senior Information Security Engineer

We are looking for a Senior Information Security Engineer to scale and automate integrating security into the software development lifecycle and helping teams prioritize their security findings. This includes enabling the identification, tracking, and remediation of vulnerabilities in systems, as well as educating engineers, product management, and program management on security threats. This role also entails working closely with development teams, infrastructure teams, and other collaborators to build a culture of security and continuous improvement!

What you'll be doing:

Developing and implementing innovative automation solutions for large-scale and highly sophisticated security-related activities

Running pipeline integrations with container and static code scanners and triaging user issues

Leading discussions, leverage domain expertise, and collaborating with partner teams across Omniverse to influence decision-making processes

Staying ahead of emerging threats and vulnerabilities and helping develop processes to address them

Collaborating with partner teams to establish and report on key performance indicators related to vulnerability scans

What we need to see:

Bachelor's degree in computer science or information technology, or equivalent experience

7+ years of experience in software development or related field, with a focus on automation.

Experience with static and container scanning tools such as Checkmarx, Coverity, Snyk, or Anchore

Full-stack engineer with strong hands-on system integration, software development, and workflow automation skills across traditional on-premise and modern cloud environment

Ability to develop custom integration, tooling and automation in supporting DevOps within CI/CD environments such as Gitlab CI, Jenkins, or TeamCity

Expert in programming Python and using Python ecosystem tools

Strong analytical and problem-solving skills

Familiarity with DevOps and agile development methodologies

Ways to stand out from the crowd:

Experience with security automation and orchestration tools, like Terraform and Ansible

Hands-on experience with cloud security tools and technologies, such as AWS IAM or Azure AD

Hands-on background in Vault capabilities, with the ability to customize it for different patterns of workloads and workflows

Experience with API infrastructure and gateway, microservices architecture, ServiceMesh technology and policy-as-code solutions

Previous experience in solving security challenges in a Hybrid cloud environment (workloads spread across on-premise datacenter and public cloud such as AWS)