Equifax, Inc.
Lead Software Engineer - Cybersecurity
Equifax, Inc., Des Moines, Iowa, United States,
The Lead Software Engineer - Cybersecurity is responsible for designing, implementing, and maintaining security measures to protect the organization’s IT infrastructure, systems, and data from cyber threats. This role involves building solutions that enable conducting and reviewing vulnerability assessments, custom security solutions, and rapid response to security incidents, as needed.This role is focused on our FedRAMP initiative and will be supporting cybersecurity tooling - automating reports and creating new custom dashboards.Equifax has a hybrid work schedule that allows for 2 days of remote work (Monday and Friday), with 3 days onsite (Tuesday, Wednesday, Thursday) every week.This role will work the required onsite days at our Equifax office in Alpharetta, GA (preferred), midtown ATL, Saint Louis, MO, or Reston, VA.Sponsorship is not available for this position.This is a direct-hire role - not open to C2C.What You’ll Do
Participate in implementing pre-defined security practices in both on-premise and cloud environments to reduce risk in various types of compute and container-based infrastructure.Work as part of a small team providing internal support to our Engineering organization and enable others to be more productive in what they do.Build systems using existing tools to provide posture and compliance feedback to application teams building their own systems for deployment in various environments.Provide scalable automation for deployment, testing, CI/CD, and solution support.Identify issues and propose solutions before they become problems.Embrace the importance of secure systems and improve the security posture of the environment as well as remediate identified security vulnerabilities and ensure adherence to best practices and company standards.Write technical documentation to capture processes and procedures.You will automate system scalability and continually work to improve system resiliency, performance and efficiency.Provide high-level support to teams implementing the solutions you have designed.What experience you need
BS in Computer Science or a related technology field.7+ years of experience with programming/scripting languages such as Python, Bash, and/or Node.js.6+ years of experience developing and/or administering software in GCP (GKE, Cloud SQL, PubSub, GCE, GCS, etc) AND/OR AWS (Kinesis, Lambda, S3, EC2 etc).4+ years of experience in containerization, Kubernetes (GKE and EKS), Helm, and microservices.Experience managing Infrastructure as code via tools such as Terraform, CloudFormation, or Github Actions.5+ years of experience in the DevOps space including solid understanding of Linux and network administration, and Infrastructure as Code experience.4+ years of experience with Enterprise security best practices, implementation, and remediation.Experience rolling out new solutions, working with stakeholders and getting buy-in.What could set you apart
Experience with scaling and operating distributed data stores, databases, file systems, and microservices.Previous experience with enterprise EDR and vulnerability management systems.You have expertise designing, analyzing and troubleshooting large-scale distributed systems.You take a system problem-solving approach, coupled with strong communication skills and a sense of ownership and drive.Previous experience with Security Technical Implementation Guides (STIG) and how they fit into the larger CI/CD ecosystem.Understanding of FedRAMP requirements.You are passionate for automation with a desire to eliminate toil whenever possible.Proficiency with continuous integration and continuous delivery tooling and practices.System administration skills, including automation and orchestration of Linux/Windows.GCP and/or AWS certifications.CISSP certification.#LI-Hybrid#LI-KD1
#J-18808-Ljbffr
Participate in implementing pre-defined security practices in both on-premise and cloud environments to reduce risk in various types of compute and container-based infrastructure.Work as part of a small team providing internal support to our Engineering organization and enable others to be more productive in what they do.Build systems using existing tools to provide posture and compliance feedback to application teams building their own systems for deployment in various environments.Provide scalable automation for deployment, testing, CI/CD, and solution support.Identify issues and propose solutions before they become problems.Embrace the importance of secure systems and improve the security posture of the environment as well as remediate identified security vulnerabilities and ensure adherence to best practices and company standards.Write technical documentation to capture processes and procedures.You will automate system scalability and continually work to improve system resiliency, performance and efficiency.Provide high-level support to teams implementing the solutions you have designed.What experience you need
BS in Computer Science or a related technology field.7+ years of experience with programming/scripting languages such as Python, Bash, and/or Node.js.6+ years of experience developing and/or administering software in GCP (GKE, Cloud SQL, PubSub, GCE, GCS, etc) AND/OR AWS (Kinesis, Lambda, S3, EC2 etc).4+ years of experience in containerization, Kubernetes (GKE and EKS), Helm, and microservices.Experience managing Infrastructure as code via tools such as Terraform, CloudFormation, or Github Actions.5+ years of experience in the DevOps space including solid understanding of Linux and network administration, and Infrastructure as Code experience.4+ years of experience with Enterprise security best practices, implementation, and remediation.Experience rolling out new solutions, working with stakeholders and getting buy-in.What could set you apart
Experience with scaling and operating distributed data stores, databases, file systems, and microservices.Previous experience with enterprise EDR and vulnerability management systems.You have expertise designing, analyzing and troubleshooting large-scale distributed systems.You take a system problem-solving approach, coupled with strong communication skills and a sense of ownership and drive.Previous experience with Security Technical Implementation Guides (STIG) and how they fit into the larger CI/CD ecosystem.Understanding of FedRAMP requirements.You are passionate for automation with a desire to eliminate toil whenever possible.Proficiency with continuous integration and continuous delivery tooling and practices.System administration skills, including automation and orchestration of Linux/Windows.GCP and/or AWS certifications.CISSP certification.#LI-Hybrid#LI-KD1
#J-18808-Ljbffr