Skip to main content
TimesPro logo

The Times Group - Security Specialist

TimesPro
Full Timemid
INPosted April 14, 2026

Resume Keywords to Include

Make sure these keywords appear in your resume to improve ATS scoring

AWSGCPAzureDockerTerraformJenkinsGitGitLabRESTCI/CDAPI

Sign up free to auto-tailor your resume with all these keywords and get a higher ATS score

Job Description

Description & Responsibilities And Governance Standards

  • Ensure adherence to GDPR, HIPAA, PCI DSS, and other standards.
  • Maintain audit trails with AWS CloudTrail and Bitbucket Activity Logs.

Assessments

Vulnerability Assessment, Penetration Testing (VAPT), and Hardening :

  • Perform regular vulnerability assessments on AWS resources using tools like AWS Inspector, Nessus, or Qualys.
  • Service Hardening : Apply AWS best practices to secure services like EC2, RDS, and S3.
  • Encryption : Implement encryption in transit and at rest using AWS KMS and SSL/TLS.

Infrastructure Security

Cloud Security :

  • Use AWS services (Security Hub, GuardDuty, CloudTrail) and GCP tools (Security Command Center, IAM) to harden cloud environments.
  • Automate infrastructure deployment with Terraform or AWS CloudFormation, ensuring security best practices.
  • Scan IaC using Checkov, Terrascan, or AWS Config Rules.

Application Security

SAST and DAST :

  • Perform SAST during development to identify vulnerabilities early.
  • Conduct DAST in staging or production using tools like Burp Suite, OWASP ZAP, or AppScan.

Android Security

  • Test Android apps using tools like MobSF, QARK, or Drozer.
  • Ensure compliance with OWASP MSTG standards.

Ethical Hacking And Ransomware Testing

  • Ransomware Simulation : Simulate ransomware attacks to test recovery capabilities and data resiliency.
  • Ethical Hacking : Perform ethical hacking exercises to assess system vulnerabilities and identify potential breaches

Threat Analysis & Threat Modeling

  • Conduct regular threat analysis to evaluate potential risks to cloud infrastructure and applications.
  • Create and maintain threat models for applications, services, and infrastructure to identify attack vectors and mitigation strategies.
  • Use tools like Microsoft Threat Modeling Tool, OWASP Threat Dragon, or custom modeling techniques to identify and prioritize risks.

Code Scanning

  • Use Bitbucket Code Insights for integrated security scan results in PRs.
  • Monitor repositories for exposed credentials or sensitive data.
  • Automate IaC scanning with tools like Checkov.

CI/CD And Code Security

Secure Pipelines :

  • Integrate Bitbucket Pipelines with AWS services for secure deployments.
  • Automate security checks at each pipeline stage :
  • SAST (Static Application Security Testing) : Use tools like SonarQube.
  • DAST (Dynamic Application Security Testing) : Use tools like OWASP ZAP or Burp Suite.
  • Dependency scanning using tools like OWASP Dependency-Check.
  • Container security scanning for Docker images.

API Security

  • Secure APIs with OAuth2, JWT tokens, and mutual TLS.
  • Implement rate-limiting and throttling to prevent abuse.
  • Integrate APIs with AWS Cognito or other identity providers for authentica

Monitoring

Monitoring and Incident Response :

  • Use AWS CloudWatch, GuardDuty, and Bitbucket monitoring features.
  • Configure proactive alerts using PagerDuty or Slack for Bitbucket Pipelines.

Incident Response

  • Automate incident response workflows using AWS Systems Manager or AWS Lambda.
  • Conduct regular incident response drills.

AWS IAM (Identity And Access Management)

  • Policy Design : Create and enforce least privilege access policies.
  • Audits : Conduct regular audits of IAM roles, groups, and policies to ensure compliance and security.
  • Federated Identity : Configure and manage federated identity with external IdPs (e.g., Okta, Azure AD).

Version Control Security

  • Manage repository access using roles (Admin, Developer, Read-Only).
  • Enforce branch protection rules for PR reviews.
  • Secure sensitive data using Bitbucket Pipelines environment variables.

CI/CD Pipeline Integration

  • Integrate Bitbucket Pipelines with security tools like SonarQube or Checkmarx.
  • Automate dependency vulnerability checks.
  • Use pre-commit hooks for code quality and security validation.

Expertise And Qualifications

Key Tools and Technologies :

  • Compliance and Governance
  • GDPR, HIPAA, PCI DSS / AWS CloudTrail and Bitbucket Activity Logs
  • Vulnerability Assessment, Penetration Testing (VAPT), and Hardening
  • VAPT
  • Infrastructure Security
  • AWS services
  • Application Security
  • SAST / DAST
  • Ethical Hacking and Ransomware Testing
  • Ransomware attacks / system vulnerabilities
  • Threat Analysis & Threat Modeling applications, services, and infrastructure
  • Code Scanning
  • SonarQube
  • Checkmarx, OWASP ZAP
  • Source Control
  • Bitbucket, Git
  • CI/CD
  • Bitbucket Pipelines, Jenkins, GitLab CI/CD
  • Cloud Security
  • AWS Security Hub
  • GuardDuty, GCP Security
  • API Management
  • WSO2 API Manager
  • AWS API Gateway

(ref:hirist.tech)

All jobs at TimesPro

Want AI-powered job matching?

Upload your resume and get every job scored, your resume tailored, and hiring manager emails found - automatically.

Get Started Free