Upwork ($UPWK) is the world’s work marketplace. We serve everyone from one-person startups to large, Fortune 100 enterprises with a powerful, trust-driven platform that enables companies and talent to work together in new ways that unlock their potential.
Last year, more than $3.8 billion of work was done through Upwork by skilled professionals who are gaining more control by finding work they are passionate about and innovating their careers.
This is an engagement through Upwork’s Hybrid Workforce Solutions (HWS) Team. Our Hybrid Workforce Solutions Team is a global group of professionals that support Upwork’s business. Our HWS team members are located all over the world.
Work/Project Scope:- Develop risk-based mitigation strategies for infrastructure, platforms, operating systems, and applications
- Assisting Engineering Teams on relevant security practices as-need (specific to findings)
- Create and maintain vulnerability management policies, procedures, and training
- Assist with application security vulnerability identification and remediation efforts
- Design and implement automation in Enterprise Cloud Services, such as testing/certification to delivery to manage/run.
- Hands-on experience creating automation using APIs from AWS, Azure, or Google Cloud
- Strong experience with cloud virtualization technologies: Docker, AWS, Azure, VMware, Vagrant, and Packer
- Competent with the following scripting languages: Python, Bash, Go, or Perl.
- Experience with automated test frameworks/tools such as Test Kitchen, InSpec, Jenkins, SonarQube, etc.
- You work well under pressure and have strong written and verbal communication skills and an ability to explain complex tech topics to a non-technical audience, both written and verbal.
- Hands-on experience with Static Code Analysis (SCA) tools and processes.
- Understanding of Secure Software Development Life Cycle (SSDLC).
- Advanced organizational, planning, and time management skills.
- Advanced communication, presentation, and analytical skills.
- Advanced knowledge of AWS IAM, SSM, KMS, Lambda, CloudFormation, and EKS.
- You have experience working with industry-leading vulnerability scanners with the ability to read and understand the information those systems produce to understand what a company’s vulnerability landscape looks like.
- You are familiar with the CVSS scoring methodology for rating vulnerability criticality.
- Advanced knowledge of security best practices, principles, and common security frameworks and benchmarks such as OWASP, NIST, ISO, CIS, and CSA.
- You pride yourself on being an energetic self-starter with personal initiative and experience working in a rapidly changing environment.
- You are proficient in testing & tuning systems and application performance and have experience with Terraform, Chef, Packer, Chocolatey, or Ansible.
- Years of hands-on experience in IAAS and PAAS on a global scale.
- Years of hands-on experience creating Terraform modules, Chef cookbooks or Ansible playbooks from scratch.
- Hands-on experience with Linux and SSH hardening.
- Hands-on experience creating automation using AWS, Azure, or Google Cloud APIs and strong experience with cloud virtualization technologies: Docker, AWS, Azure, VMware, Vagrant, and Packer.
- Advanced Security Certifications include CCSP, CYSA, CISP, CCSE, or SANS Cloud Security.
Upwork is proudly committed to fostering a diverse and inclusive workforce. We never discriminate based on race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical condition), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
#LI-MP1
To learn more about how Upwork processes and protects your personal information as part of the application process, please review our Global Job Applicant Privacy Notice
