Job Description

What We\'ll Bring: The AWS Cloud/DevSecOps Engineer will be working with Internal TU InfoSec engineering teams and focusing on AWS Security, infrastructure and automation. A key part of the role is championing and leading Security as code. The Engineer will work closely with the team to build, manage and automate DevSecOps CI/CD pipeline for AWS workloads. At TransUnion, we strive to build an environment where our associates are in the driver\'s seat of their professional development, while having access to help along the way. We encourage everyone to pursue passions and take ownership of their careers. With the support of colleagues and mentors, our associates are given the tools needed to get where they want to go. Regardless of job titles, our associates have the opportunity to learn new things and be a leader every day. Come be a part of our team - you\'ll work with great people, pioneering products and cutting-edge technology. What You\'ll Bring: What You\'ll Bring: Bachelor\'s Degree in Computer Science or related field. Overall, 7+ years of overall IT experience with at least 5+ years of experience in a Cloud, Security Engineering or related position. At least 2+ years of development experience with Amazon Web Services. Working knowledge and experience with Infrastructure as Code (IaC) including enterprise/Cloud configuration management and service orchestration tools such as Ansible, Terraform, Puppet, CloudFormation, or similar automation technologies. Solid communication skills (both written and verbal) regardless of audience, with ability to lead/steer project meetings or troubleshooting sessions. Experience working with cloud security and governance tools, cloud access security brokers. Conducting research into new technologies in the cloud space that benefit TransUnion in the areas of Cloud, CI/CD, DevSecOps and deployment automation. Experience working with Developers, DevOps, and Engineering teams in a dynamic environment to promote/implement the DevSecOps program throughout the organization. Experience developing automated tools and deployment workflows leveraging SDLC tools and open- source softwares to develop and strengthen the DevSecOps pipelines performing vulnerability assessments, OSCAP through the use of automated tools (Tenable, Rapid7, Checkmarx , SonarQube etc). Capability to prepare security vulnerability and risk management reports for management. Proficiency in any programming languages and Bash, Python or other scripting languages. Familiarity with Information Security frameworks/standards (i.e. CIS, NIST, RFC2196, etc). Ability to work with APIs and Plugins to integrate security tools into established CI/CD pipelines. Hands-on expertise operating with cloud platforms, container technologies, APIs and event-driven automation Robust experience leading efforts to design, deploy and manage security products/services in hybrid environments Strong experience with CI/CD best practices and technologies such as GIT, Jenkins, Terraform, CloudFormation and Ansible. Proficiencies with popular scripting and programming language frameworks such as Python, Bash, NodeJs or Ruby. Demonstrated ability to develop strategies and lead large and complex endeavors. We\'d Love to See Possess a mindset for building incrementally and delivering business value quickly. Stays current with evolving technologies and effectively educates leadership on trends and opportunities. Continuously finds opportunities to simplify and optimize technology and processes. Excellent written and verbal communication skills Self-motivated, eager to learn new things, and adaptable to change able to work productively in a team setting. Comfortable with enterprise change control methodology and project management tools (Agile, Remedy, Rally, etc.). Hands-on deployment/implementation experience in building cloud foundations to support production-scale workloads. Ability to review and analyze vulnerability data to identify security risks to the organization\'s network, infrastructure, and application\'s and determine any reported vulnerabilities that are false positives. Comprehension in the security areas of Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, Security and Monitoring tools, etc. Lead the technical direction to ensure development teams architect applications for high availability and redundancy. Develop and implement a robust suite of security products/services to align with organizational efforts to modernize our growing global cloud architecture Improve critical security capabilities to simplify compliance and provide value-added security enhancements Drives collaboration and continuously finds value and methods for up-skilling others Impact You\'ll Make: Impact You\'ll Make: Lead the technical direction to ensure development teams architect applications for high availability and redundancy. Develop and implement a robust suite of security products/services to align with organizational efforts to modernize our growing global cloud architecture Improve critical security capabilities to simplify compliance and provide value-added security enhancements Drives collaboration and continuously finds value and methods for up-skilling others TransUnion Job Title Sr Engineer, Info Sec Engineering

foundit