Lam Research

This technical role will orchestrate and integrate security processes and technologies (as needed) into the development CI/CD pipeline around SDLC of Lam software products.  The role supports enterprise application security development by guiding them through secured SDLC modeling.  This person must have in-depth knowledge of OWASP top 10 and other similar frameworks to lead a team of product security analysts.

Design and guide the implementation of secure software development life cycle practices including code review, static and dynamic code analysis, secured GIT/CVS/SVN, peer review, and vulnerability assessment.
Develop DevSecOps capabilities including identifying security scanning tools (SAST, DAST, IAST, SCA) to be integrated into scrum processes
Guide and evangelize the organization in establishing end to end strong secure SDLC/DevOps policies and standards to foster security of CI/CD pipeline
Strong experience working with Agile framework
Strong experience working with Static/Dynamic/Interactive Application Security Tools and Run-time Application Security Protection tools
Hands on experience working with tools (Jenkins/Bitbucket/Artifactory) that goes into CI/CD pipeline
Strong experience working in Azure cloud environment, utilizing Microsoft DevOps tools to architect secured coding to protect sensitive data
Research, evaluate and implement new security prototypes to meet an ever-evolving security risk posture
Demonstrate a passion for engineering and a proven track record of delivering great software
Ability to drive product and program conversations to negotiate tradeoffs between tactical and strategic goals.
Experience with security activities throughout the software development lifecycle – design reviews, threat modeling, fuzzing, code reviews, tooling, penetration testing.

For more & updated details, hit “Apply for job”