Security Architecture Engineer

At

• HUB International
• , we are a team of entrepreneurs. We believe in protecting and supporting the aspirations of individuals, families, and businesses. We help our clients evaluate their risks and develop solutions tailored to their needs. We believe in empowering our employees to learn, grow, and make a difference. Our structure enables our teams to maintain their own unique, regional culture while leveraging support and resources from our corporate centers of excellence. HUB is a global insurance and employee benefits broker, providing a boundaryless array of business insurance, employee benefits, risk services, personal insurance, retirement, and private wealth management products and services. With over $5 billion in revenue and almost 20,000 employees in 600 offices throughout North America, HUB has grown substantially, in part due to our industry leading success in mergers and acquisitions.As a
• Security Architecture Engineer
• with a focus on
• DevSecOps
• , you will play a critical role in ensuring that security is embedded throughout the software development lifecycle (SDLC) and in continuous integration / continuous deployment (CI / CD) pipelines. You will be responsible for designing, building, and maintaining security controls that ensure application, infrastructure, and cloud security across both on-premises and cloud environments.Desired experience with tools such as
• Terraform
• Ansible
• , or
• Puppet
• used to automate infrastructure provisioning with security baked in.Desired experience with tools used to manage and enhance security testing for code analysis, container security, and open-source vulnerabilities (e.g.,
• Aqua
• Twistlock
• Trivy, Boost
• ).
• Work with development and operations teams to fix vulnerabilities identified during automated scans or manual reviews.
• Ensure continuous monitoring of cloud and application environments through security information and event management (SIEM) and cloud security monitoring tools.
• Establish security incident response workflows within DevOps processes to ensure rapid detection and remediation of security incidents.
• Serve as a liaison between development, operations, and security teams in a decentralized, regionally dispersed organization to drive the adoption of DevSecOps practices.
• Conduct training and knowledge-sharing sessions to educate developers and operations staff on secure coding practices, security testing, and DevSecOps principles.
• Work closely with compliance and governance teams to ensure that regulatory requirements (e.g.,
• GDPR
• HIPAA
• PCI-DSS
• ) are met within the DevOps environment.
• Hands-on experience automating security tests (e.g., SAST, DAST, IAST) and integrating security tools into CI / CD pipelines.
• Desired exposure to
• container security
• tools (e.g.,
• SentinelOne, Aqua Security
• Twistlock
• Sysdig
• ).
• Desired experience with cloud infrastructure security for
• AWS
• Azure
• , or
• Google Cloud
• , including the use of cloud security tools (e.g.,
• AWS GuardDuty
• Azure Security Center
• GCP Security Command Center)
• Strong experience with DevOps tools and platforms (e.g.,
• Jenkins
• GitLab
• Travis CI
• Azure DevOps
• CircleCI
• ).Proficiency in at least one programming language (e.g.,
• Python
• Go
• Java
• Node.js
• ) and scripting languages like
• Bash
• or
• PowerShell
• .Experience with infrastructure-as-code (IaC) tools such as
• Terraform
• Ansible
• Puppet
• , or
• Chef
• to automate security configurations.Familiarity with building and securing containerized environments, particularly with
• Docker
• and
• Kubernetes
• Knowledge of securing microservices architectures, API gateways, and distributed systems.
• Desired experience securing cloud-native services, containers, and serverless architectures.
• Desired experience in implementing
• identity and access management (IAM)
• policies,
• data encryption
• network segmentation
• , and
• logging / monitoring
• in cloud environments.
• Certified Information Systems Security Professional (CISSP)
• Certified Cloud Security Professional (CCSP)
• AWS Certified DevOps Engineer Professional
• Certified Kubernetes Security Specialist (CKS)
• Certified Ethical Hacker (CEH)
• Bachelors Degree
• in Information Security, Computer Science, or related field (or equivalent work experience).
• 5+ years
• of experience in security engineering or DevSecOps.
• Strong understanding of
• security frameworks
• such as
• NIST
• CIS
• , and
• OWASP Top 10
• Experience in cloud security, including public cloud (AWS, Azure, GCP) and cloud-native applications.
• Demonstrated ability to work with development and operations teams to implement security controls in a DevOps environment.
• Collaborate with development, DevOps, and security teams to align on security requirements and practices within the SDLC.
• Work cross-functionally to identify security risks and enforce secure coding, cloud, and infrastructure practices.
• Provide technical leadership and mentor junior team members on DevSecOps practices and automation.
• Demonstrate the ability to work autonomously in developing and implementing security architectures for cloud and DevOps environments.
• Manage multiple projects independently, prioritizing tasks based on risk and business needs.
• Lead the identification and remediation of security issues within applications and infrastructure without requiring constant oversight.Bonjour. Nous sommes HUB.Dans un monde en rapide volution, nous conseillons les entreprises et les individus sur la faon de se prparer linattendu. Lorsque vous vous associez nous, vous tes au centre dun vaste rseau dexperts qui vous aideront atteindre vos objectifs grce nos services de gestion de risques, de gestion des demandes dindemnisation et de soutien en matire de conformit. Vous aurez donc lesprit tranquille parce que vous saurez que ce qui compte le plus pour vous sera protg grce un appui constant et des solutions dassurance qui vous mettent en contrle. propos de HUB InternationalHUB International Limited (HUB), dont le sige social est situ Chicago (Illinois), est un important courtier dassurance mondial qui offre des produits et des services complets dans les domaines de lassurance de dommages, de lassurance de personnes, des avantages sociaux, des investissements et de la gestion de risque. Avec des bureaux partout en Amrique du Nord, le vaste rseau de spcialistes de HUB offre la tranquillit desprit en protgeant ce qui compte le plus grce un appui constant et des solutions dassurance sur mesure. Pour plus dinformations, veuillez visiter .

#J-18808-Ljbffr