Senior Information Security Engineer – Cloud Services – Sysco Labs

  • Information Technology
  • Full time
  • 8 months ago
  • Colombo ,Colombo 3

Job Information

  • icon
    Job Experience : 4 years

Job Description

We are currently on the lookout for an Senior Information Security Engineer – Cloud Services who is experienced in driving security functions and practices throughout the organization. Right candidate must possess strong analytical skills and be able to communicate effectively with stakeholders.


The Role:

  • Ensure the security of all of Sysco LABS’ cloud infrastructure, data, applications, configurations and intellectual property (such as code and documentation) against all types of cyber threats.
  • Lead the development, documentation and adoption of effective company-wide policies to achieve the above.
  • Work closely with product, engineering, quality and other teams and provide technical expertise to ensure security from design stage all the way to deployment with a focus on DevSecOps.
  • Perform PCI related activities to make sure that all Sysco LABS products meet PCI standard requirements.
  • Routinely audit AWS infrastructure, policies, accounts and provide audit reports to senior management on identified risks and recommendations.
  • Conduct application security tests (DAST/Manual) for applications releases while providing mitigation recommendations to DevOps Teams.
  • Respond to and – when appropriate – resolve or escalate security incidents, threats and vulnerabilities.
  • Assist and train corporate personnel in the use of cloud security best practices and the resolution of security issues.
  • Perform all regular cloud infrastructure management duties, in addition to security responsibilities.
  • Automation and scripting via PowerShell, Python, Perl, Bash or Chef.


The Profile:

  • 4+ years of proven DevOps experience with implementing and automating Cloud DevSecOps including extensive experience in cloud-based DDoS protection services such as AWS Advanced Shield in a production Environment.
  • Solid understanding of Amazon Web Services (AWS) including VPC, ELB, EC2, KMS, IAM, Config, Cloud Watch, CloudTrail, CloudFormation, Lambda, and others.
  • Knowledge of network based, system level and application layer attacks and mitigation methods.
  • Experience with the development, deployment, and automation of security solutions in an enterprise cloud-based environment and maintaining security in CI/CD processes.
  • Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security.
  • Hands-on knowledge on DevOps methodologies and tools like SVN/GIT, Jenkins, JIRA, Confluence and various other monitoring/alerting tools.
  • AWS certification along with other security certifications such as CISSP, SSCP, SAST, DLP, IDS/IPS is an added advantage.
  • Excellent technical troubleshooting skills on Linux.
  • Ability to utilize scripting languages such as Python, Bash and Perl and automation tools such as Chef, Ansible.
  • Good interpersonal skills, including the ability to work successfully in an Agile, DevOps team environment
  • Strong oral, written, and presentation abilities – able to convey risk to all levels of the business, from executives to operations and development teams.
Enable/disbale job alerts

Receive emails for the latest jobs matching your search criteria