Security Engineer

(Tokyo - Must be in Japan already)

Role:

• Help define security requirements within the cloud environment around automation CI/CD, access controls,authorization, authentication, network, automated compliance, alerting and forensics
• Assist with application security testing and code reviews
• Perform security reviews, identifying gaps in secure architecture and design
• Co-create security policies and standards
• Review and design application security controls
• Research information security standards for adoption
• Develop secure coding policies, procedures and standards
• Engage with the engineering teams to review and update Software Development Life Cycle (SDLC) to include necessary security checkpoints, code review methodologies, etc. Job Details
• Write bug reports Recommend bug fixes Create threat models Recommend secure design patterns etc
• 5-7 years of experience 

Qualifications

[MUST]

• Solid understanding of public cloud (Azure, AWS, GCS, etc)
• Practical application of secure engineering principles
• Practical experience with SAST and DAST tools and workflows
• Working knowledge of vulnerability/compliance, patch management, anti-malware, APT, identity and access control management toolsets
• Experience with third party tools (e.g. Splunk, Elastisearch etc) to analyze systems and audit logs to identify anomalies, threats, potential vulnerabilities, configuration errors, zero-days, and breaches
• Threat modeling

[Nice to have]

• Experience integrating automated security tools into CI/CD pipeline
• Proven working experience within software development industry
• Excellent interpersonal and communication skills
• Proven working experience in conducting DevSecOps in an agile work environment
• Hands-on development experience with at least one of the following programming languages: Python, Typescript, Java, Scala, Go
• Proven working experience with DevOps container/orchestration tools (ie: Docker, Kubernetes, etc.)
• Knowledge of continuous delivery and Application Lifecycle Management tools (Jenkins, Bamboo, JIRA, SVN,Git, Nexus, etc.)

Language Skills

• Japanese: N5 Japanese skills desirable but not strictly necessary
• English: Business level or above