The Senior Security Cloud-Application Developer creates, enhances and integrates tools and controls utilizing state-of-the-art XaaS, DevOps & SecOps platforms. Responsible for enhancing the usability and capabilities of the Global Security Team’s tools and workflows. Accountable to develop new security controls, automations, user interfaces and reporting capabilities. Responsible for layering intuitive web and mobile user interfaces on current and new tooling, controls and applications. Works with security professionals, developers, engineers and IT teams, to insure the appropriate security capabilities exist to protect NetApp and it’s information systems. The Cloud Application Developer is expected to have a thorough understanding of cloud development, complex IT systems, experienced in enterprise systems integration and stay up to date with the latest security standards, emerging security technologies, as well as security best practices.
Cloud: • Experience with one or more public cloud service providers: AWS, Azure or Google • Understanding of migration of security from traditional infrastructure and applications to cloud services • Working knowledge of cloud native and third-party security controls
Application: • Understanding of the secure software development lifecycle • Working knowledge of DevOps Security concepts for Continuous Integration/Continuous Delivery (CI/CD) environments • Experience with Agile development methodologies
General: • Knowledge of compliance and security requirements to design implementable and repeatable controls • Understanding of cloud-based systems architecture and related security principles
• Support immediate and long-term security initiatives and projects • Contribute to creation and maintenance Global Security tools, interfaces and automations • Work as part of an Agile based development team on wide variety of development and security efforts. • Mentor and assist peers as we migrate capabilities into cloud native infrastructure and development processes
• Knowledge of cloud security industry best practices • 4+ years working with one or more cloud service models (IaaS, PaaS, SaaS) and deployment models (public, private, hybrid) • Experience designing and/or implementing security controls based on one or more leading cloud providers (AWS, Azure, Google Cloud Platform) • Working knowledge of DevOps Security concepts for Continuous Integration/Continuous Delivery environments including the Secure Development Lifecycle • Working knowledge of cloud-based risk assessments, configuration management, change control, and security baselines and frameworks (e.g. NIST CSF, NIST 800-171, CIS, Zero Trust, CSA CMM, etc.) • Agile practitioner a plus • Strong oral and written communication skills; including presentation skills
Typically requires a minimum of 5 years of related experience with a bachelor’s degree; or 3 years and a master’s degree; or equivalent experience.
Certifications such as CISSP, CCSP, CCSK or CISM are a plus.