Container Security Lead

Truist Financial-posted 3 months ago
Full-time • Senior
Raleigh, NC
5,001-10,000 employees
Credit Intermediation and Related Activities
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

The CSMT Technical Lead serves as the primary technical person for enterprise container security and management initiatives. This role is essential to addressing critical findings from the Management Report of Internal Audit (MRIA) and establishing a comprehensive, automated approach to container image lifecycle management across the organization's containerized infrastructure. The Technical Lead will design, implement, and maintain integrated security solutions that span multiple platforms including CrowdStrike, Artifactory, GitLab, OpenShift, and AWS ECS, while providing strategic leadership to ensure the long-term sustainability and scalability of container security operations. This role requires both strong technical and collaboration skills as well as the ability to handle multiple assignments at once. Engineers at this level could be assigned a specific focus of work, for example Quality Assurance or Coaching, which would not materially change essential duties.

  • Guide, educate, and provide thought leadership to our delivery teams as related to their optimum adoption of DevSecOps practices and framework.
  • Champion the use of DevSecOps as a strategic asset of culture change to enhance the flow of business value to our clients.
  • Make informed decisions and determine which tool best fits any given situation based on proficiencies with multiple vendor products based on each of the above capabilities.
  • Develop and recommend DevSecOps best practices.
  • Use sophisticated, analytical thought to exercise judgment and design innovative solutions for the most complex components of the DevSecOps lifecycle.
  • Works independently, with guidance in only the most complex situations.
  • Provide technical and process guidance to junior team members.
  • Build and maintain the automation and streamlining of software delivery and operations for new or existing software applications through advanced proficiency and subject matter expertise in vendor tools in the DevOps lifecycle.
  • Liaise with DevSecOps Center for Enablement (C4E) to ensure that Enterprise tools or practices are followed, and to share information about any team specific tools or practices that may benefit other teams.
  • Active participant with the Truist Agile Guild and Agile DevOps Communities of Practice.
  • Bachelor degree or equivalent education and related training or experience.
  • Seven+ years of experience in software engineering or IT including at least Four years of experience in a role in which the primary responsibility is DevOps Engineering or the development, maintenance, and support of CI/CD pipelines.
  • Must demonstrate ability to write code.
  • Foundational cloud architecture knowledge.
  • Must demonstrate ability to construct basic application build pipeline.
  • Primary Vulnerability Coordinator: Serve as the organization's lead for assessing, prioritizing, and orchestrating remediation of security vulnerabilities across the entire container environment.
  • Risk Assessment: Conduct technical risk assessments for container vulnerabilities, considering deployment context (OpenShift vs. AWS ECS) and platform-specific mitigations.
  • Design and maintain automated workflows that leverage vulnerability scanning tool results to trigger appropriate remediation actions across the container lifecycle.
  • Lead the implementation of automated integrations between CrowdStrike, Artifactory, GitLab CI/CD, OpenShift, and AWS ECS to create seamless container security workflows.
  • Design, Configure, maintain, and expand Renovate automation for container image updates, ensuring continuous compliance with security standards and automated merge requests into downstream repositories.
  • CI/CD Security Integration: Design and implement GitLab CI/CD pipeline integrations that enforce container security policies and automate compliance verification.
  • Custom Tooling Development: Develop custom scripts, tools, and applications to fill automation gaps and enhance the container security ecosystem.
  • Entry level development experience and a willingness to solve business objectives with custom code when vendor or internal applications fall short.
  • Introduction level knowledge of AI and AI agents of any kind.
  • Medical, dental, vision, life insurance, disability, accidental death and dismemberment.
  • Tax-preferred savings accounts.
  • 401k plan.
  • No less than 10 days of vacation during the first year of employment.
  • 10 sick days.
  • Paid holidays.
  • Defined benefit pension plan, restricted stock units, and/or a deferred compensation plan may be available.
Track Jobs with Teal

Job Search Resources

AI Resume Builder
Automation Test Lead Resume Examples
Automation Test Lead Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service