Application Security Engineer
Client Job Description:
interos.ai is the Supply Chain Risk Intelligence company building the most trusted and transparent supply chains in the world. Our pioneering discovery and monitoring technology spans the lifecycle of supply chain risk, bringing speed and clarity to enterprise response.
Job Overview:
The Application Security Engineer will secure Interos.ai's AWS cloud environments, containerized workloads, application stack, CI/CD pipelines, and incident response processes. The role is hands-on and highly collaborative with Engineering, Product, DevOps, and Security Operations.
Top 3 Technical Skills:
AWS Cloud & Application Security
Docker / Kubernetes Security
CI/CD Pipeline Security + Terraform (IaC)
Experience That Would Move a Candidate to the Top
Hands-on ownership of cloud security implementations
Experience securing containerized environments
Knowledge of regulated or government cloud standards (FedRAMP, IL5 preferred)
Relevant security and cloud certifications
Required Tech / Experience
AWS cloud security architecture and services
Cloud application security engineering
Docker and Kubernetes security
Infrastructure as Code (Terraform)
CI/CD pipeline security integration
Identity management, encryption, and access controls
Incident response and cloud monitoring
Responsibilities:
Cloud Security Strategy:
interos.ai is the Supply Chain Risk Intelligence company building the most trusted and transparent supply chains in the world. Our pioneering discovery and monitoring technology spans the lifecycle of supply chain risk, bringing speed and clarity to enterprise response.
Job Overview:
The Application Security Engineer will secure Interos.ai's AWS cloud environments, containerized workloads, application stack, CI/CD pipelines, and incident response processes. The role is hands-on and highly collaborative with Engineering, Product, DevOps, and Security Operations.
Top 3 Technical Skills:
AWS Cloud & Application Security
Docker / Kubernetes Security
CI/CD Pipeline Security + Terraform (IaC)
Experience That Would Move a Candidate to the Top
Hands-on ownership of cloud security implementations
Experience securing containerized environments
Knowledge of regulated or government cloud standards (FedRAMP, IL5 preferred)
Relevant security and cloud certifications
Required Tech / Experience
AWS cloud security architecture and services
Cloud application security engineering
Docker and Kubernetes security
Infrastructure as Code (Terraform)
CI/CD pipeline security integration
Identity management, encryption, and access controls
Incident response and cloud monitoring
Responsibilities:
Cloud Security Strategy:
- Develop and implement comprehensive cloud security strategies aligned with business objectives.
- Assess current security practices, provide recommendations for and implement improvements
- Oversee AWS architecture and ensure that security settings are optimally configured.
- Demonstrate subject matter expertise on AWS services, emphasizing security best practices.
- Design and implement secure containerization strategies using Docker and orchestration with Kubernetes.
- Ensure the security of containerized applications throughout the development and deployment lifecycle.
- Utilize Terraform to define and provision infrastructure as code, ensuring security controls are embedded in the deployment process.
- Implement automated security checks within the IaC pipeline.
- Implement and manage security controls, encryption, and identity management within AWS environments.
- Conduct regular security assessments and audits to identify and mitigate potential risks.
- Collaborate with cross-functional teams, including developers, operations, and DevOps, to integrate security seamlessly into the development lifecycle.
- Communicate security requirements and best practices effectively to technical and non-technical stakeholders.
- Develop and implement incident response plans for cloud environments.
- Establish and maintain effective monitoring and alerting systems for timely detection and response to security incidents.
- Identify gaps in our security posture and prioritize remediation efforts
- Lead and manage security incidents, conducting thorough investigations as needed to identify root causes and facilitate effective remediation as needed
- 5+ years of expertise in AWS, including hands-on experience with AWS security services preferred. [JC2]
- 5+ years of expertise with containerization technologies such as Docker and orchestration with Kubernetes.
- 5+ years of experience as a Cloud Security Engineer/Architect in a similar capacity.
- 5+ years of experience implementing security controls, encryption, and identity management in cloud environments.
- 2+ years of expertise with Infrastructure as Code (IaC) using Terraform.
- Familiarity with DevOps principles and integrating security into CI/CD pipelines.
- Excellent communication (written & verbal) and collaboration skills.
- Knowledge of IL5, FedRAMP, and government cloud security standards preferred.
- Bachelor's or Master's degree (or equivalent) in Computer Science, Information Security, or a related field.
- CISSP, CCSP, OSCP, GIAC, or related security certifications preferred.
- AWS certifications such as AWS Certified Solutions Architect Professional, AWS Certified DevOps Engineer Professional, AWS Certified Security Specialty.
- Certified Kubernetes Administrator (CKA), Certified Kubernetes Security Specialist (CKS)
