Lead Software Cloud Security Engineer
3d ago

Since 1992, Ciena has been driven by a relentless pursuit of network innovation. We believe in a network that grows smarter, more agile, and more responsive every day.

This means that when you digitally interact in your world - picking up the phone, streaming video, texting a friend or loved one your interactions are being enabled by Ciena technologies.

Ciena makes your social / entertainment / business existence REAL.

Your Role

We are looking for highly motivated and talented software engineers to join Blue Planet security team, responsible for analyzing vulnerabilities for containers, web interface analysis and deployment security.

Security team maintains secure pasture for Blueplanet portfolio of products and works with all product divisions and cooperates with IT Security, Risk and Compliance Management team to meet business requirements to maintain the confidentiality, integrity and availability of the Ciena product infrastructure and assets.

Services provided are but not limited to :

  • Architecture Review for Threat Management
  • Secure SDLC for all phases : Requirement, Design, implementation and Deployment.
  • Penetration Testing
  • Vulnerability Management : SCA, SAST, DAST
  • Support topics on compliance assessment on ISO readiness and data protection
  • Cloud Security
  • The team also provides consulting services by reviewing & approving the security aspects of the existing network setup, as well as system / software architectures (Application Build Recommendations & Change Requests).

    We believe the recommendation provides the best way to move forward to both strengthening existing security mechanisms and compensating for any inherent security weaknesses.

    Your Responsibilities

  • Facilitate the continuous delivery of IT applications by using Application Lifecycle Management and automation tools.
  • Contribute to delivery and release processes for container and cloud-based pipelines.
  • Maintain, plan, implement, upgrade DevSecOps pipelines
  • Support and advise technical teams on DevOps practices around CI / CD pipelines.
  • Build relationships with developers, data engineers, and product owners to incorporate security principles into engineering design and deployments.
  • Join forces and provision security principles in architecture, infrastructure, and code.
  • Assume ownership of an existing backlog of technical security improvements
  • Supervise testing and validation in application security controls across projects.
  • Coordinate implementation of defensive practices and countermeasures across infrastructure and applications.
  • Draft and uphold CI / CD security strategy and practices in tandem with other technical team leads.
  • Serve as a point of contact for security-based critical issues and remain tightly involved through resolution.
  • Build services, automation, and tools to enable developers and engineers to easily apply security controls into CI / CD pipelines.
  • Use vulnerability database sources to understand the weakness, probability, and remediation options supplied by vendors across the technology stack, as well as workarounds.
  • Regularly research and learn new tactics, techniques, and procedures (TTPs) , and work with colleagues to assess risk and implement / validate controls as necessary.
  • Contribute to the security incident response process and play a leading role in responding to security incidents
  • Perform data analysis and conduct forensic investigations when required
  • Promote a healthy security culture by providing comprehensive training and support to our engineering teams and help create secure by design products and services for our community
  • Minimum Qualifications

  • BS degree in Computer Science, similar technical field of study.
  • At least 8 years of DevOps and Security experience
  • Experience planning, researching, and developing security policies, standards and procedures
  • Experience designing secure networks, systems, and application architectures
  • Experience in privacy, risk and compliance frameworks and controls
  • Proven ability to identify and assess complex risks and understand the mechanisms (people, process, technology) available to manage those risks
  • Experience with DevOps container / orchestration tools (Docker, Ansible, Kubernetes, etc.).
  • Deep knowledge of Operating Systems and Infrastructure, specifically Linux and Cloud Hosting (AWS)
  • Experience with detection, exploitation and validation of security vulnerabilities
  • Proficiency in at least one of the following programming languages : Java, Scala, Python.
  • Skill in conducting DevSecOps in an agile work environment.
  • Familiarity with cloud-based solutions like Amazon AWS, cloud security architecture and security requirements.
  • Experience in black box and white box testing.
  • Exemplary communication skills, especially in dealing with multiple stakeholders
  • Comfortable communicating your technical thought process to non-technical team members
  • Able to take a risk-based approach and effectively prioritize many competing demands
  • Proactive attitude, customer and result oriented.
  • Preferred Qualifications

  • Experience with Terraform
  • Experience with CIS container security
  • Experience with serverless architectures.
  • Experience with Vault, cognito, OAuth2, Kerberos
  • Experience designing secure ETL pipelines
  • About Ciena

    Ciena is a network strategy and technology company with a passion to provide an experience, to you and our customers that is as rewarding as the outcome.

    We attract the best and brightest those with outstanding talent, motivation, and the right attitude to contribute to our success.

    Our culture balances our openness and informality with professionalism and trust and is built on the foundation of our core values : Customer First, Integrity, Velocity, Innovation, and Outstanding People.

    Ciena enables everyone to have a voice and a network that supports them while on the journey to discovering their passion and purpose.

    We trust each individual to do what they can to reach their full potential and make an impact on the business, whenever, wherever they are in the world.

    With Ciena’s highly innovative, forward-thinking business practices, we reward people for pushing the boundaries. Unlock your potential at Ciena!

    Being You Ciena

    As part of our commitment to diversity and inclusion, we want to foster an environment that values and respects all individual’s strengths, perspectives, ideas, and ability to meet the needs of our customers globally.

    Ciena values the diversity of its workforce and respects its employees as individuals, regardless of race, ethnicity, religion, gender, age, national origin, disability, sexual orientation, veteran or marital status or any other category protected by applicable law.

    We do not tolerate any form of discrimination.

    Ciena is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

    If contacted in relation to a job opportunity, you should advise Ciena in a timely fashion of the specific accommodation measures required for you to be assessed in a fair and equitable manner.

    Report this job

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form