Overview
Come join the Threat Discovery & Analysis (TDA) team within Navy Federal's Cloud Security Group. In this role, you will deliver on a dynamic team responsible for threat modeling, security testing, and continuous threat discovery of Navy Federal cloud workloads. To drive embedding security seamlessly into the product development lifecycle for cloud applications and environments. Serve as a technical interface and subject matter expert working with development teams on securing cloud infrastructure and workloads by designing, implementing, and operationalizing capabilities. Support the implementation of continuous security monitoring practices along with threat and vulnerability prevention, detection, and response capabilities on cloud assets. Works independently under limited supervision and/or in a team environment.
Responsibilities
- Provide subject matter expertise on secure architecture, design and coding practices based on current knowledge of security threats and vulnerabilities that could impact the technology stack
- Leverage and develop automated techniques for continuously identifying cloud infrastructure and workload risks
- Develop approaches for hardening cloud native containers starting with the build all the way through the lifecycle including the run time environment
- Collaborate with dependent teams to develop cloud security standards and verify controls are implemented for hardening infrastructure, hardening infrastructure as code, hardening CI/CD pipelines, and hardening containers
- Translate cloud security policies and standards into machine-readable, automated guardrails using cloud-native, open source, custom scripting, and commercial security tools
- Design and implement continuous monitoring practices to verify security properties at runtime with continuous feedback to teams responsible for triage, detect tracking, and remediation workflows
- Develop and implement monitoring and contextual incident response alerting patterns targeting cloud infrastructure and runtime assets for the security operations center, including integration with SEIM/SOAR technologies
- Support definition of Secure SDLC standard to include security architecture, design and coding requirements for infrastructure, application and data to align with application security maturity model and adopt a shift-left approach for security
- Lead security innovation and best practices in product development through collaboration and learning from industry professionals and consortiums
- Perform other duties as assigned
Qualifications
- Bachelor's Degree in Information Technology or the equivalent combination of education, training or experience
- 6 years or more experience in the field of cybersecurity and/or application security
- Experience implementing cloud security posture management, workload protection, and cloud-native application protection platform tools (e.g. Defender for Cloud, Aqua, Prisma Cloud, Orca, Wiz)
- Experience with one or more cloud platforms (e.g. Azure, Amazon, Oracle, GCP)
- Experience with methodologies and security testing tools for threat analysis of complex applications and services including threat modeling, software fuzzing, static and dynamic analysis and penetration testing
- Build automation for continuous cloud asset discovery and configuration management
- Implement cloud security automation such as cloud security posture management (CSPM) and cloud workload protection capabilities (CWPP)
- Implement automation to support Information Security reporting metrics to reflect overall cloud compliance and cloud security health to senior leadership
- Experience in software development including Java, Python, .Net, and scripting languages - Experience with cloud security analysis and design techniques
- Experience with cloud security practices and procedures, including risk assessment, authentication technologies, security monitoring, runtime defenses, and security attack patterns and practices
- Advanced knowledge in security best practices, principles, and common security frameworks such as OWASP, NIST and ISO
- Experience building secure software based on frameworks such OWASP ASVS, BSIMM, or NIST SSDF
- Advanced knowledge of secure architecture and design patterns for Web, Mobile and Microservices
- Advanced knowledge of current and emerging threats and techniques for exploiting security vulnerabilities
- Experience securing cloud infrastructure and applications
- Advanced organizational, planning and time management skills
- Advanced communication, presentation and analytical skills
Desired Qualifications and Education Requirements:
- Advanced degree in Information Technology, or the equivalent combination of education, training or experience
- Experience with Azure DevOps, Kubernetes, Splunk, and Tanzu/Pivotal Cloud Foundry technologies
- Experience with ARM and Infrastructure as code
- Proficient with Azure Resource Graph and Kusto Query and scripting languages
- CISSP, CISM or other related Information Security certifications
- Advanced knowledge of Navy Federal's functions, philosophy, operations and organizational objectives
Hours: Monday - Friday, 8:00AM - 4:30PM
Location: 820 Follin Lane, Vienna VA 22180 | 5550 Heritage Oaks Dr Pensacola, FL 32526 | 141 Security Dr. Winchester, VA 22602 | Remote
Navy Federal is now hybrid! Our standard enterprise requirement for a hybrid schedule is to report on-site 4-16 days each month. The number of days reporting on-site will ultimately be determined by the employee's leadership and business unit needs. You will learn more throughout the hiring and on boarding process.
About Us
You have goals, dreams, hobbies, and things you're passionate about-what's important to you is important to us. We're looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to them-friends, family, and passions. And we're looking for team members who are passionate about our mission-making a difference in military members' and their families' lives. Together, we can make it happen. Don't take our word for it:
- Military Times 2022 Best for Vets Employers
- WayUp Top 100 Internship Programs
- ForbesR 2022 The Best Employers for New Grads
- Fortune Best Workplaces for Women
- Fortune 100 Best Companies to Work ForR
- ComputerworldR Best Places to Work in IT
- Ripplematch Campus Forward Award - Excellence in Early Career Hiring
- Fortune Best Place to Work for Financial and Insurance Services
Equal Employment Opportunity: Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability EOE/AA/M/F/Veteran/Disability
Disclaimers: Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position. Job postings are subject to close early or extend out longer than the anticipated closing date at the hiring team's discretion based on qualified applicant volume. Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market position
Bank Secrecy Act: Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.
REQNUMBER: 14894
