| IAC Security Engineer||Hybrid||Charlotte - North Carolina||12+Month||skype at North, Virginia, USA |
| Email: [email protected] |
|
http://bit.ly/4ey8w48 https://jobs.nvoids.com/job_details.jsp?id=3350921&uid=f3fcbcc2bafe47d981858dca79c2f0fd From: Shantanu Mishra, Tek Inspirations LLC [email protected] Reply to: [email protected] Hello, Hope you are doing well, Please check the below job description and let me know if you have any suitable candidate for the same: Job Description - Title - IAC Security Engineer Duration - 12 months Location - Charlotte - North Carolina ( HYBRID) MOI - Skype. Must need Local with strong linkedin !! Must Need 10+ years candidates overall !! IAC Security Engineer- Charlotte, NC Build and operate Infrastructure as Code (IaC) security with Wiz across CI/CD for Cybersecurity/Application Security organization using Terraform, ARM/Bicep, CloudFormation, and Kubernetes. The engineer would be responsible to keep pipelines healthy, reduce noise, tune policies, and enable developersso misconfigurations are prevented before deployment. IN addition, engineer and test rulesets (OPA/Rego), integrate Wiz into CI/CD, own reliability, and upgrades, and enable developers with fast, low noise feedback across Terraform, ARM/Bicep, CloudFormation, and Kubernetes. Key Responsibilities Design, implement, and tune custom IaC rules in Rego/OPA to extend Wiz beyond built-in checks; codify internal guardrails and compliance mappings; maintain versioned policy packages. Build automated regression tests for rules (sample repos, TF plans, K8s manifests); measure quality and iteratively reduce false positives prior to enforcement (report warn block). Perform pipeline health checks, triage failed scans and monitor tool availability to minimize developer friction. Validate severity, de duplicate/mark false positives, and route issues to the right owners at repo/service level; drive high signal to noise at scale. Tune IaC policies/rules (including policy as code), version changes, align to internal standards/frameworks, and roll out safely with staged enforcement (report warn block). Integrate Wiz CLI into pipelines; implement gating thresholds; publish artifacts (JSON/SARIF) for traceability; optimize run time and concurrency. Deploy and maintain Wiz DevOps extensions and/or Wiz Scanner plugin; standardize pipeline templates with block/warn logic across services. Leverage Wiz VCS integrations to surface PR/MR feedback and ownership context across GitHub, GitLab, and Azure Repos. Enable local/PR scanning and IDE workflows (Wiz VS Code extension); deliver how to fix guidance, sample modules, and office hours to accelerate remediation. Partner with platform teams to embed scanning in golden pipelines/modules and drive consistent adoption. Run office hours and Slack/Teams support; explain failures with actionable fix guidance; promote local/PR/IDE scanning; review PRs/modules. Own tool health and upgrades: Wiz CLI updates, policy bundle refreshes, CI/CD plugin versions, and regression tests; document rollback and warn mode fallbacks. Work with Wiz support/product to escalate defects, track roadmap, and schedule change windows; align integrations using the official Wiz integrations ecosystem. Triage findings at scale; validate severity, de dupe/suppress noise, and auto route to owners; maintain exception ledger with expiries and compensating controls. Integrate with ServiceNow (AVR/CVR/ITSM) for ticket synchronization and SLA tracking; ensure bidirectional status updates and reporting. Support publishes monthly dashboards (coverage, block rates, MTTR, exception aging, false positive rate); prepare audit evidence (policy mappings, change logs, access reviews). Tools & Technologies Wiz for IaC scanning and CI/CD policy enforcement. IaC stacks: Terraform, CloudFormation, ARM/Bicep, Kubernetes/Helm. Pipelines/VCS: Azure DevOps/GitHub/GitLab/Jenkins. Ticketing/Governance: ServiceNow workflows for finding lifecycle and exceptions. Qualifications Must Have 8+ years in AppSec/Cloud Sec/DevSecOps with hands on Terraform and Kubernetes security. Practical experience operating Wiz (or similar) for IaC in CI/CD. Policy as Code skills (e.g., OPA/Rego) or equivalent rule tuning experience. CI/CD fluency and Git workflows; strong triage/routing at scale; clear written/verbal communication for developer enablement. Nice to Have ServiceNow AVR/CVR/ITSM integration experience; JIRA/defect tracker routing. VS Code/IDE enablement for developer workflows. Cloud certifications (Azure/AWS/GCP), Terraform Associate, CKA/CKAD. Scripting (Python/Bash/Power) for automation and reporting. Thanks ®ards, Shantanu Mishra Technical Recruiter Tek Inspirations LLC- 13573 Tabasco Cat Trail, Frisco, TX 75035 E: - [email protected] Disclaimer: If you are not interested in receiving our e-mails then please reply with a "REMOVE" in the subject line to [email protected]. And mention all the e-mail addresses to be removed with any e-mail addresses, which might be diverting the e-mails to you. We are sorry for the inconvenience. Hire our IT Recruiter at just $499/month. Keywords: continuous integration continuous deployment information technology Delaware North Carolina Texas IAC Security Engineer||Hybrid||Charlotte - North Carolina||12+Month||skype [email protected] http://bit.ly/4ey8w48 https://jobs.nvoids.com/job_details.jsp?id=3350921&uid=f3fcbcc2bafe47d981858dca79c2f0fd |
| [email protected] View All |
| 04:12 AM 06-May-26 |