Description

What's the Job?

• Design, build, and operate scalable security automation that aligns with DCMS controls across cloud native, GenAI, and infrastructure as code environments.
• Translate security requirements into machine-enforced guardrails and application-level controls to prevent risks early in the development process.
• Develop full stack applications (Java + React) to operationalize threat modeling, control validation, and audit evidence generation within engineering workflows.
• Embed security expertise into automation at the source, ensuring audit-ready evidence that regulators and reviewers can trust.
• Collaborate with engineering teams to integrate threat modeling and control validation directly into developer workflows, enabling proactive security measures.

What's Needed?

• Deep understanding of application security, cloud security architecture, and threat modeling techniques.
• Strong experience in full stack Java development, including Java (Spring Boot, REST APIs, microservices architecture) and React (modern JavaScript/TypeScript).
• Proficiency in building automation using Python, Go, and/or Java, with hands-on experience automating security controls in cloud and containerized environments.
• Experience translating threat modeling into automated capabilities such as attack path identification, abuse case modeling, and risk scoring.
• Familiarity with designing API-driven, microservices-based architectures and integrating with CI/CD pipelines and security telemetry systems

Key Skills

Education

Any Graduate