Cybersecurity Engineer – SecDevOps

About The Position

Requirements

• Significant experience in Cybersecurity (typically 8+ years), with significant hands-on experience in Security Engineering, DevOps, SRE, AppSec automation, or Platform Engineering OR equivalent practical expertise gained through nontraditional paths
• Hands-on with one or more CI/CD stacks (GitHub Actions, GitLab CI, Azure DevOps, Jenkins)
• Proficient in Terraform/IaC, Kubernetes, and cloud provider security (Azure preferred)
• Experience integrating SAST/SCA/DAST, container/IaC scanners, and secret scanning into pipelines
• Strong scripting in Python and/or Bash; infrastructure tooling (Helm, kustomize)
• Familiarity with OIDC workload identity, artifact registries, and software supply chain controls
• Clear communicator who can translate risk into engineering work
• Strong sense of ownership, accountability, and attention to detail.
• Ability to manage competing priorities and deliver results in a dynamic environment while maintaining healthy work practices.
• Proven track record of developing and maintaining structured processes that support efficiency, scalability, and rapid business growth.
• Inclusive leadership style; ability to work effectively with collaborators who have diverse backgrounds, communication styles, and technical strengths.
• Curiosity and a growth mindset, with the ability to adapt approaches to evolving technology landscapes.
• Strong communication skills for bridging technical and business perspectives.
• Bachelor’s degree, relevant technical training, or equivalent hands-on experience. We welcome candidates with nontraditional educational paths.

Nice To Haves

• Built policy gates with OPA/Gatekeeper or Kyverno; authored custom policies.
• Implemented sigstore cosign, admission controls, and image allowlists.
• Experience with Falco or cloud runtime sensors; integrated with SIEM/SOAR (Splunk, Sentinel).
• Knowledge of SLSA, NIST SSDF, CIS Benchmarks, MITRE ATT&CK for Containers/Cloud.
• Exposure to secrets lifecycle automation (rotation, dynamic creds), Vault or cloud-native KMS.
• Background in threat modeling and attack surface reduction for microservices.
• Professional Certifications (e.g., GSEC, GCIA, CISSP, OSCP) are valued but not required
• Advanced certifications in cloud and AI security are a plus.

Responsibilities

• Help advance our automation‑first engineering strategy by designing and maintaining the foundational systems that enable secure, reliable, and scalable software delivery across the organization.
• Design, operate, and continuously improve CI/CD pipelines using modern tooling to enable rapid, consistent, and high‑quality software delivery.
• Automate build, test, and deployment workflows to reduce manual effort and improve engineering velocity.
• Use Terraform, CloudFormation, or similar IaC technologies to define and manage cloud infrastructure in a scalable, repeatable, and version‑controlled manner.
• Ensure infrastructure is provisioned reliably and consistently through code‑driven automation.
• Leverage tools such as Ansible, Chef, or Puppet to automate system configuration and maintain standardized environments across development, staging, and production.
• Ensure configuration drift is minimized and environments remain aligned with security and compliance requirements.
• Build and maintain containerized application patterns using Docker.
• Utilize Kubernetes (or equivalent orchestration platforms) to deploy, scale, and operate containerized workloads in a resilient, automated fashion.
• Develop automation using Python, Bash, PowerShell, or similar languages to eliminate repetitive tasks and improve operational efficiency.
• Create custom tooling that supports engineering workflows, observability, and security automation.
• Implement and maintain monitoring, logging, and alerting systems—leveraging tools such as Splunk—to ensure environment health, availability, and performance.
• Develop proactive detection mechanisms to identify and remediate issues before they impact operations.
• Use Git to manage source code, configuration, and infrastructure artifacts while promoting strong branching, pull request, and code review practices.
• Help teams adopt workflows that enhance collaboration and code quality.
• Work with Azure and other cloud platforms to build scalable, secure, and highly automated infrastructure.
• Leverage cloud‑native capabilities to improve performance, reliability, and cost efficiency.
• Automate critical security controls—including vulnerability scanning, compliance validation, policy enforcement, and incident response.
• Integrate security scanning and guardrails directly into CI/CD pipelines to ensure continuous security from commit through production.
• Effective communication skills to collaborate with development, operations, and security teams.
• Promoting a culture of SecDevOps and automation within the organization.
• Automating the build, test, and deployment processes to ensure rapid and reliable delivery of software.
• Excellent leadership and team management skills.
• Strong analytical and problem-solving abilities, supported by inclusive collaboration with team members with diverse working and thinking styles.
• Ability to stay updated with the latest security trends and threats.

Benefits

• Comprehensive Medical/Rx, Dental and Vision plans
• 401(k) program with company match
• Flexible Savings Accounts (FSA)
• Healthcare Savings Accounts (HSA) with company contribution
• Basic and Voluntary Life Insurance
• Long-Term Disability (LTD) and Short-Term Disability (STD) insurance
• Employee Assistance Program (EAP)
• Commuter Benefits plan for parking and transit
• Access to a world-class medical advisory team
• A mental health app that includes coaching, therapy and psychiatry
• A mindfulness and wellbeing app
• Financial wellness benefit that includes access to a financial advisor
• New parent leave
• Reproductive and adoption assistance
• Emergency backup care
• Matching gift program
• Education sponsorship program