Application Security Engineer

at  Teradata

What You’ll Do
A DevSecOps Engineer integrates and support security at every phase of the software development lifecycle (SDLC) throughout the pipeline. As a DevSecOps Engineer, your role involves integrating security practices into the DevOps pipeline. You’ll automate security testing, vulnerability scanning, and compliance checks, collaborate with development and operations teams, and stay informed about security best practices and emerging threats.
Who You’ll Work With
The Application Security team is an integral part of Teradata Information Security and closely partners and guides Product Engineering. Application Security team works with several teams such as CloudOps, DevOps and our Engineering teams.
What Makes You a Qualified Candidate

KNOWLEDGEABLE IN 1 OR MORE OF ANY OF THE FOLLOWING AREAS:

Familiar with Application Security methods, processes and tooling.
Ability to automate tasks and integrations via API’s using Python, Bash, or Go.
Strong technical expertise in DevSecOps toolkits.
Knowledge of DevOps Automation (Terraform, GitHub Actions).
Familiarity with cloud environments (AWS, Azure, Google Cloud).
Proficiency in Infrastructure as Code (IaC) languages.
Understanding of HTTP, SSL/TLS protocols, and Web applications.
Knowledge of CI/CD processes and tools.
An understanding of compliance requirements such as PCI-DSS & FedRAMP.

EDUCATION BACKGROUND:

Knowledge of core application security principles, common security vulnerability classes, their root causes, and mitigations.
MS/BS degree in Electrical Engineering, Computer Science, Information Technology, or related field. Advanced degree highly preferred

Please refer the Job description for details