DevOps Application Security Engineer
Location: San Diego, California US
Requisition Number: 204920
Position Title: Security Engineer (IV)
DevOps Application Security Engineer
Teradata empowers companies to achieve high-impact business outcomes through analytics. With a powerful combination of Industry expertise and leading hybrid cloud technologies for data warehousing and big data analytics, Teradata unleashes the potential of great companies. Partnering with top companies around the world, Teradata helps improve customer experience, mitigate risk, drive product innovation, achieve operational excellence, transform finance, and optimize assets. Teradata is recognized by media and industry analysts as a future-focused company for its technological excellence, sustainability, ethics, and business value.
The Teradata culture isn’t just about one kind of person. So many individuals make up who we are, making us that much more unique. It’s what sets apart the dynamic, diverse and collaborative environment that is Teradata. But even as individuals, there’s one thing that we all share —our united goal of making Teradata and our people, the best we can be.
The Application Security team is an integral part of the Product Security Team at Teradata. We evangelize security at every phase of the software development lifecycle, and work closely with developers to ensure applications are secure from inception through release. Given Teradata’s large portfolio of analytic applications, we are pushing the boundaries of security by scaling threat modeling, source code analysis, and analytic security. Our expertise lies in deep technical understanding of security and are security educators within Teradata and the wider security community. The Application Security team is tasked with building advanced security tools and methods for automating security and are dedicated open source contributors.
The Teradata Application Security Team is looking for someone who is passionate about software development and operations (DevOps) to scale the security capabilities. If you like writing and deploying your applications and services we have the position for you. The ideal candidate will work tirelessly to automate security processes, and will work with Application Security architects to automate static and dynamic analysis tools to enable development teams to move faster. If you evangelize security automation and love to share your knowledge with others, this position is for you.
Primary Job Responsibilities:
- Build security tooling as-a-service offerings
- Automate integration of CICD security tooling
- Identify and automate security processes and practices
- Write and deploy batch applications and APIs in a container environment
- Deliver security metrics to development teams
- Work with developers on how to improve communications with Security
- Be a leader in security by researching ways to scale security and presenting at internal and external events.
- Train developers in various aspects of security to include secure coding, security requirements, static/dynamic security tools, etc.
- Contribute to architecture decisions to ensure a consistent approach to security
- Serve as the security subject matter expert during architecture discussions
- Integrate static and dynamic analysis into CI/CD pipelines
- Interpret dynamic/static analysis tools results, and penetration test results and describe issues and fixes to non-security experts
- Provide vulnerability remediation guidance and mentoring to product development software engineers
- Contribute to and support efforts to build security products for the Teradata platform
- Develop proof of concept security applications for the Teradata platform
- Develop proof of concept applications to demonstrate best practices
- Evaluation of new technologies, tools, and/or development techniques that impact security
- Review, analyze, and evaluate both internally developed software and vendor products and procedures to address security requirements
Primary Job Skills:
- Work as part of a team
- Excellent written and verbal communication skills
- Ability to communicate effectively with business representatives in explaining security topics clearly and where necessary, in layman's terms
- Familiarity with Docker and Kubernetes
- Familiarity with AWS, Azure, and/or Google Cloud
- Ability to automate tasks using a scripting language (Python, Ruby, etc).
- Proficiency in a programming language, e.g., Golang, Java, Python, C, C++, C#, Objective C, etc.
- Ability to quickly learn a programming language
- Deep understanding of HTTP and SSL/TLS protocols, and Web applications
- Knowledge of networking fundamentals (all OSI layers)
- Knowledge of the Windows and *NIX operating systems
- Understanding of authentication protocols and frameworks to include OAuth, OpenID, and/or AWS IAM
- Deep understanding of continuous integration / continuous deployment processes and tools
- Familiarity with dynamic and static analysis tools
- Ability to interpret dynamic/static analysis tools, and penetration test results and describe issues and fixes to non-security experts
- The ideal candidate has experience working with automation script languages such as Puppet, Chef, Cloud Formation, etc.
- The ideal candidate has experience with cloud and virtualized technology in environments such as AWS, Azure and VMware
MS/BS degree in Electrical Engineering, Computer Science, Information Technology, or related field. Advanced degree highly preferred
Location: San Diego
*Our total compensation approach includes a competitive base salary, 401(k), strong work/family programs, and medical, dental and disability coverage.*
Teradata is an Equal Opportunity/Affirmative Action Employer and commits to hiring returning veterans.
CountryEEOText_Description: Teradata invites all identities and backgrounds in the workplace. We work with deliberation and intent to ensure we are cultivating collaboration and inclusivity across our global organization. We are proud to be an equal opportunity and affirmative action employer. We do not discriminate based upon race, color, ancestry, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related conditions), national origin, sexual orientation, age, citizenship, marital status, disability, medical condition, genetic information, gender identity or expression, military and veteran status, or any other legally protected status.
City: San Diego
Community / Marketing Title: DevOps Application Security Engineer
Job Category: Engineering
Considering COVID-19, we are still hiring but conducting virtual interviews to keep our candidates and employees safe. Many roles will be temporarily remote or work from home to comply with current safety regulations. These roles will be required to be in the office once it is safe or restrictions are lifted. Read more on our response here: Teradata Response to COVID-19
With all the investments made in analytics, it’s time to stop buying into partial solutions that overpromise and underdeliver. It’s time to invest in answers. Only Teradata leverages all of the data, all of the time, so that customers can analyze anything, deploy anywhere, and deliver analytics that matter most to them. And we do it at scale, on-premises, in the Cloud, or anywhere in between.
We call this Pervasive Data Intelligence. It’s the answer to the complexity, cost, and inadequacy of today’s analytics. And it's the way Teradata transforms how businesses work and people live through the power of data throughout the world. Join us and help create the era of Pervasive Data Intelligence.
Location_formattedLocationLong: San Diego, California US