Website:
fetchjobs.co
Job details:
About The Company
Sapphire Software Solutions Inc is a leading technology consulting firm dedicated to delivering innovative and comprehensive IT solutions to clients across various industries. With a strong focus on security, cloud computing, and digital transformation, Sapphire Software Solutions Inc prides itself on its commitment to excellence, integrity, and customer satisfaction. The company fosters a dynamic and inclusive work environment that encourages continuous learning and professional growth. As a trusted partner in technology, Sapphire Software Solutions Inc leverages cutting-edge tools and methodologies to help organizations optimize their operations and secure their digital assets.
About The Role
We are seeking a highly skilled and motivated Cloud & CI/CD Security Subject Matter Expert (SME) to join our client's Security Operations team within the Attack Surface Management (ASM) division. This is a remote, contract-based position with a duration of one year, offering the flexibility of working from anywhere. The ideal candidate will possess deep expertise in cloud security, CI/CD pipeline security, and Infrastructure-as-Code (IaC) security practices. As a key member of the security team, you will be responsible for managing the end-to-end lifecycle of security findings, from detection and triage to remediation and closure, across multi-cloud environments, CI/CD pipelines, and code repositories. Your insights and guidance will be vital in safeguarding the organization’s cloud infrastructure and development pipelines against evolving security threats.
Qualifications
- 3 to 6 years of hands-on experience in cloud security operations, DevSecOps, CI/CD security, or a closely related security engineering role.
- Proven expertise in securing CI/CD pipelines, including pipeline infrastructure and security within the pipelines.
- Strong scripting and automation skills to streamline operational security workflows.
- Experience investigating and remediating hardcoded secrets in production repositories, credential rotation, and commit-history remediation.
- Ability to review Infrastructure-as-Code (IaC) templates for security misconfigurations and develop developer-friendly remediation guidance.
- Solid understanding of Identity and Access Management (IAM) design, cloud networking, and secure configuration principles across major cloud platforms, with AWS preferred.
- Experience managing security findings within SLAs, including escalation, exception handling, and stakeholder communication.
- Excellent ability to translate complex technical findings into clear, actionable guidance for both technical and non-technical audiences.
- Comfort working within a globally distributed team with cross-functional dependencies involving cloud engineering, DevOps, and architecture groups.
- Experience operating and tuning enterprise-scale cloud security posture tools, including policy customization and alert lifecycle management.
Responsibilities
- Own the full lifecycle of security findings, from initial detection and triage through to remediation, escalation, and closure.
- Collaborate with engineering, DevOps, and architecture teams to provide expert guidance on cloud and code security best practices.
- Develop and maintain operational runbooks and playbooks for the Attack Surface Management team to ensure consistent and effective incident response.
- Conduct security reviews of CI/CD pipelines, infrastructure, and code repositories to identify vulnerabilities and misconfigurations.
- Investigate security incidents related to hardcoded secrets, credential management, and IaC misconfigurations, implementing remediation strategies.
- Automate security workflows and processes to improve efficiency and reduce manual intervention.
- Assist in designing and implementing IAM policies, network configurations, and security controls aligned with industry best practices.
- Monitor cloud security posture tools, tune policies, and manage alerts to ensure optimal security coverage.
- Participate in security audits, compliance documentation, and evidence collection to support organizational governance and regulatory requirements.
- Engage with stakeholders across multiple regions to ensure security findings are addressed within agreed SLAs and communicate effectively about security posture.
Benefits
Joining Sapphire Software Solutions Inc offers a competitive benefits package that includes flexible remote working arrangements, professional development opportunities, and exposure to cutting-edge security technologies. Employees gain the chance to work with a diverse, global team and contribute to impactful projects that enhance organizational security posture. The company values work-life balance and provides support for continuous learning, certifications, and career progression. Additionally, employees have access to comprehensive health benefits, paid time off, and other perks designed to foster a supportive and engaging work environment.
Equal Opportunity
Sapphire Software Solutions Inc is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, disability, or any other protected status. We believe that a diverse workforce enhances innovation and drives success, and we are dedicated to providing equal employment opportunities to all qualified candidates.
Click on Apply to know more.