SECURITY CONTENT DEVELOPER
A Security Content Developer is both a cybersecurity researcher and a Detections or Vulnerability developer. They work daily to identify areas to improve our threat and vulnerability detection capabilities. Their overarching goal is to help us make security better for our clients every day. This role works with team members, Product Management, Security Services and various other specialists to continuously improve the coverage and efficacy of our MR solution.
Classic Endpoint Vulnerability and Config Management:
Host based vulnerability detection
Network based vulnerability scan and NVT development
CIS Benchmark implementation
Cloud Config and Posture Management:
Dev of security policy in Cloud Service Providers (I.e Azure Policy, AWS Sec Hub)
Pipeline Hardening Checks
Rule Development – will consider experience in rule/ signature development such as:
EDR (Endpoint Detection and Response) detections/signatures
Sigma and Yara rules
Development of anomaly and behavioural based detections
Development Languages & Methodologies:
Python, Go, Java, and C/C++
Test Driven Development
Full understanding and use of DevOps methods/tooling
Full understanding/application of secure development practices
Cloud Development: AWS, Azure, and GCP using Kubernetes/Containers, IaaS, and key PaaS services
Infrastructure as Code Methodologies and Development (I.e., Salt Stack, Terraform, Ansible, cloud orchestration platform equivalents a plus)
Experience with the following security tooling is highly regarded and will be considered:
3 rd Party Vulnerability Management Platforms:
Cloud based configuration and Security Posture Management tools:
Azure Security Centre, AWS Security Hub
Work with team members to continuously improve coverage, efficiency and deliver customer-facing and internal services
Participate in the full software development life cycle
Build well-designed, testable, efficient, secure code
Produce specifications and determine operational feasibility
Integrate software components into a fully functional software system.
Document and maintain software functionality.
Conducts duties and responsibilities in accordance with AWN’s Information Security policies, standards, processes, and controls to protect the confidentiality, integrity, and availability of AWN business information.
Background checks are required for this position