Security Architect (GitHub)

Modus Create • Full-time • Remote • 1w ago

We're looking for an experienced and enthusiastic Cyber Security Architect to join our consulting team.

About You

Experience Level: Architect

You have experience in analyzing existing systems from a security and best practices perspective and proposing recommendations for improvements. Your background will include experience with networking (Windows and Linux) and web hosting and how this translates to the cloud. Your focus will be on testing and securing Cloud workloads. You’ll have experience with Microsoft Azure, GitHub, Application Security and good governance mechanisms. You have knowledge of tools such as Tenable.io and Microsoft Defender.

You’ll be broadly familiar with concepts such as CCPA, ISO-27001, PCI compliance and MITRE ATT&CK, but don’t need to be an expert in all of them. You understand DevSecOps processes, SAST and secrets scanning. Your security background may have included working as one or more of: a security analyst, Red Team, Cloud Security Engineer or architecting DevSecOps CI/CD pipelines.

You know what a SIEM is. You’re familiar with OWASP Top 10. You’ll understand concepts around DevSecOps pipelines including static analysis, secret scanning and container vulnerability scanning. You augment your knowledge of cloud systems by using tools such as ScoutSuite for asset and vulnerability detection.

In this role, you’ll be responsible for leading the implementation and management of Github Advanced Security Features, developing and executing a comprehensive security strategy, and optimizing CI/CD pipelines using Github Actions. You’ll also tailor security configurations to meet project requirements, provide training to developers, conduct regular security audits, and assist in incident response efforts related to security vulnerabilities.

We value candidates with certifications such as GitHub Advanced Security Certification, CISSP, CEH, or OSCP and those with experience administering GitHub organizations, managing permissions, and implementing security policies at scale. Strong communication and problem-solving skills are essential to success in this role, as you will need to explain complex security concepts to make sound decisions under pressure.