Programmer Lead

Job highlights
Identified by Google from the original job post
Qualifications
Exceptional communication and interpersonal skills, with a proven ability to deliver exceptional customer service through training and documentation
Understanding of secure by design principles
Understanding of automation principles, including the use of AI, ML, and scripting, to streamline security tasks
Understanding of the Secure Development Lifecycle (SDLC) and DevSecOps principles to integrate security considerations throughout the application development process
Proficiency in cloud security principles, including identity and access management, data security, and compliance
A bachelor's degree in information technology systems, computer science, cybersecurity, or a related field with 3+ years experience in a security focused role
Relevant experience may be substituted for the degree on a year-for-year basis
Not required, however we prioritize applicants who have:
Certified Incident Handler (GCIH)
Certified Computer Security Incident Handler (CSIH)
EC-Council Certified Incident Handler (ECIH)
EC-Council Certified Network Defender (CND)
GIAC Critical Infrastructure Protection (GCIP)
GIAC Defensible Security Architecture (GDSA)
Responsibilities
Champion DevSecOps through Security Automation: Leverage your full-stack development expertise to design, implement, and maintain security tools and automation
This includes building scripts to automate critical tasks like data security checks, vulnerability scanning, and user access control, streamlining security processes and improving overall efficiency
Monitor and analyze security events: You'll be responsible for monitoring security information and event management (SIEM) tools to identify potential threats and suspicious activity
Along with determine security gaps in these controls to improve overall security posture
This will also involve analyzing logs, investigating alerts, and using your knowledge of security frameworks (NIST, CIS, CISA) to assess risk
Support secure application development: You'll collaborate with developers to ensure secure coding practices are followed throughout the Software Development Lifecycle (SDLC)
This might involve code reviews, threat modeling, and providing guidance on secure development principles
Investigate and respond to security incidents: In the event of a security breach, you'll be part of the incident response team, helping to identify the root cause, mitigate damage, and implement recovery procedures
Document security procedures and best practices: You'll develop clear and concise documentation for security policies, procedures, and best practices
This may involve creating training materials or user guides to ensure everyone understands their role in maintaining security
Provide on-call support when needed and other related duties as required
Job description
Dice is the leading career destination for tech experts at every stage of their careers. Our client, Refulgent Technologies Inc., is seeking the following. Apply via Dice today!

Programmer Lead ONSITE - SC, USA

Daily Duties / Responsibilities:
• Champion DevSecOps through Security Automation: Leverage your full-stack development expertise to design, implement, and maintain security tools and automation. This includes building scripts to automate critical tasks like data security checks, vulnerability scanning, and user access control, streamlining security processes and improving overall efficiency.
• Monitor and analyze security events: You'll be responsible for monitoring security information and event management (SIEM) tools to identify potential threats and suspicious activity. Along with determine security gaps in these controls to improve overall security posture. This will also involve analyzing logs, investigating alerts, and using your knowledge of security frameworks (NIST, CIS, CISA) to assess risk.
• Support secure application development: You'll collaborate with developers to ensure secure coding practices are followed throughout the Software Development Lifecycle (SDLC). This might involve code reviews, threat modeling, and providing guidance on secure development principles.
• Investigate and respond to security incidents: In the event of a security breach, you'll be part of the incident response team, helping to identify the root cause, mitigate damage, and implement recovery procedures. Document security procedures and best practices: You'll develop clear and concise documentation for security policies, procedures, and best practices. This may involve creating training materials or user guides to ensure everyone understands their role in maintaining security.
• Provide on-call support when needed and other related duties as required.

Required Skills (rank in order of importance):
• Exceptional communication and interpersonal skills, with a proven ability to deliver exceptional customer service through training and documentation.
• Expert level experience with C#, Python, powershell, and rust(is a plus)
• Understanding of secure by design principles.
• Understanding of automation principles, including the use of AI, ML, and scripting, to streamline security tasks.
• Understanding of the Secure Development Lifecycle (SDLC) and DevSecOps principles to integrate security considerations throughout the application development process.
• Proficiency in cloud security principles, including identity and access management, data security, and compliance.

Preferred Skills (rank in order of importance):
• Experience with SIEM (Security Information and Event Management) tools, including configuration, tuning, threat hunting, and alert creation.
• In-depth knowledge of security frameworks, including NIST, CIS, and CISA, and their application in a hybrid environment.
• Solid understanding of incident response processes and experience in implementing them effectively.
• Advanced understanding of security controls, including their configuration and implementation in hybrid environments.
• Expertise in data classification and DLP (Data Loss Prevention) configuration to safeguard sensitive information.

Required Education:
• A bachelor's degree in information technology systems, computer science, cybersecurity, or a related field with 3+ years experience in a security focused role. Relevant experience may be substituted for the degree on a year-for-year basis

Required Certifications:
• Not required, however we prioritize applicants who have:
• Certified Incident Handler (GCIH)
• Certified Computer Security Incident Handler (CSIH)
• EC-Council Certified Incident Handler (ECIH)
• EC-Council Certified Network Defender (CND)
• GIAC Critical Infrastructure Protection (GCIP)
• GIAC Defensible Security Architecture (GDSA)