This individual must have a detailed understanding of security in cloud-based distributed SaaS environments as well as on-premise, customer managed installations.

This individual will be responsible for collaborating with multiple cross-functional teams to manage security reviews, threat models, penetration testing, authentication, authorization and encryption strategies for microservice based cloud architectures as well as single machine applications and just about everything else in-between.

This individual will also be responsible for implementing and addressing the security issues in the Aspera products whether it’s implementing a new security fea

Required Technical and Professional Expertise

• 6+ years of Good programming knowledge in languages like Ruby or Golang
• In-depth knowledge of common vulnerabilities (e.g., SQL Injection, XSS, CSRF), Session/Cookie management
• CVE management lifes cycle
• Experience with CI/CD pipelines and tools like Jenkins, Docker, and Kubernetes.
• Understanding of encryption algorithms, secure key management, and protocols like TLS/SSL.
• Skills in identifying and remediating security vulnerabilities within applications and infrastructure.
• Knowledge of securing RESTful APIs, handling authentication, and authorization using Oauth, JWT.

Preferred Technical and Professional Expertise

• Security architecture in distributed cloud environments.
• Cryptography.
• Threat Assessment.
• Security Design and Review process.
• Ability to convey complex ideas to technical and non-technical audiences.
• Attention to details