KnowledgeCity has been a leader in the E-Learning industry for over 15 years, offering a vast library of studio-produced online training courses and a powerful Learning Management System (LMS). We provide measurable results and strong ROI for organizations looking to enhance workforce development, compliance training, and professional skills programs. Our mission is to help companies worldwide meet their training goals efficiently while fostering a culture of continuous learning.
Key Responsibilities:
Secure Development and Deployment:
- Integrate security tools (e.g., SonarQube, Trivy, Burp Suite) into CI/CD pipelines to automate security testing during build and deployment phases.
- Design and maintain secure configurations for cloud infrastructure using Infrastructure as Code (IaC) tools such as Terraform or CloudFormation.
- Implement security controls and standards for containerized applications in Kubernetes, ensuring the security and compliance of container orchestration environments.
- Maintain robust security policies and documentation covering all aspects of data protection, access control, and incident response.
Cloud Security And Infrastructure Management:
- Implement and manage cloud security solutions, particularly within AWS, using tools such as AWS WAF, GuardDuty, and Macie.
- Develop and enforce IAM policies and access controls to ensure proper identity and data management across all environments.
- Perform hardening of container images and ensure their secure deployment in line with best practices for cloud-native security.
- Conduct regular audits and reviews of cloud security configurations to identify and remediate misconfigurations and potential vulnerabilities.
Monitoring, Incident Management, And Vulnerability Assessment:
- Establish and maintain a comprehensive security monitoring and alerting framework using ELK Stack, Prometheus, and other monitoring tools.
- Conduct regular vulnerability scans, penetration tests, and security assessments to identify risks and vulnerabilities across applications and infrastructure.
- Lead incident response efforts, including analysis, containment, eradication, and recovery, ensuring effective and timely resolution of security incidents.
- Document and communicate post-incident reports and security findings to relevant stakeholders.
Security Governance And Compliance:
- Ensure adherence to industry standards and regulatory compliance (e.g., GDPR, CCPA) through continuous review and implementation of security controls.
- Create and maintain security guidelines, hardening checklists, and compliance documentation to support secure system development and operation.
- Coordinate with internal teams and external auditors during security assessments and compliance reviews.
Continuous Improvement And Collaboration:
- Identify and implement opportunities for process improvements in security testing, automation, and deployment workflows.
- Collaborate closely with development, QA, and operations teams to build a security-first culture and integrate secure practices into daily operations.
- Conduct security training sessions and workshops for development teams to promote secure coding and operational practices.
- Develop and maintain documentation for security processes, standards, and best practices to support knowledge sharing across the organization.
Qualifications:
Technical Expertise:
- Strong experience in DevOps and security tools and technologies, with a focus on secure CI/CD practices and cloud security (AWS preferred).
- Deep understanding of DevSecOps methodologies and practices, with hands-on experience securing containerized and cloud-based infrastructure.
- Proficiency in security tools and platforms such as SonarQube, Trivy, Burp Suite, GuardDuty, AWS WAF, and ELK Stack.
- Advanced knowledge of application security, secure coding practices, and vulnerability management.
- Familiarity with Infrastructure as Code (IaC) tools like Terraform and CloudFormation for managing secure and scalable infrastructure.
- Experience with programming and scripting languages such as Python, Shell, or similar alternatives.
Security Skills:
- Hands-on experience with security analysis tools for SAST, DAST, and SCA.
- Expertise in penetration testing, incident response, and cloud security auditing.
- Strong understanding of cryptography, identity management, and secure access control.
Problem Solving:
- Strong analytical and troubleshooting skills to resolve complex security issues.
- Ability to perform threat modeling and risk assessment to identify potential security gaps and define effective solutions.
Communication:
- Excellent communication skills with the ability to collaborate effectively across technical and non-technical teams.
- Strong documentation skills to support security policy development and incident response procedures.
- Advanced English proficiency, both written and spoken, to communicate clearly with global partners and stakeholders.
Join Our Team:
If you're driven by curiosity, eager to tackle challenges, and ready to make an impact in the fast-evolving E-Learning space, we'd love to hear from you. Join KnowledgeCity and help us make the world more professional and better!
