Development Security & Operations Engineer

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Security, or a related field. In lieu of a degree, a minimum 10 years’ experience in cybersecurity and/or development.
• Proven experience in a DevOps, cybersecurity, or related role.
• Proficiency in programming languages such as Python, Java, or Ruby, and scripting languages for automation tasks.
• Familiarity with CI/CD tools, container orchestration, and infrastructure as code (IaC) tools.
• A strong understanding of security principles, practices, and tools. This includes knowledge of threat modeling, risk management, security protocols, encryption technologies, and vulnerability assessment.
• Understanding of risk assessment techniques and security best practices.
• Skills in securing cloud environments, including experience with cloud service providers like Azure and AWS and understanding of cloud-native security tools and practices.
• Understanding of network architectures, protocols, and secure network design. Knowledge of system administration is also crucial for securing the underlying infrastructure.
• Awareness of legal and regulatory requirements related to information security, such as GDPR, HIPAA, and SOC 2.
• Ability to identify security issues and vulnerabilities and develop effective and efficient solutions or mitigations.
• Strong communication skills to effectively collaborate with development, operations, and business teams, and to promote a culture of security awareness.
• Commitment to staying updated with the latest security trends, threats, and technologies, and the willingness to continuously learn and adapt.
• Skills in handling security breaches and incidents, including the ability to lead or participate in incident response efforts.

Responsibilities

• Implement and maintain security tools and practices within the CI/CD pipeline.
• Conduct regular security assessments and vulnerability testing to identify and mitigate risks.
• Collaborate with software developers to incorporate secure coding practices.
• Use tools to automate scans, code verification, and other security tasks.
• Automate security processes to ensure seamless integration into the development workflow.
• Monitor and respond to security incidents, ensuring rapid and effective resolution.
• Stay updated with the latest security threats and trends and advise on necessary updates or changes to security protocols.
• Work with cloud-based infrastructures, ensuring they are securely configured and compliant with industry standards.
• Promote a culture of security awareness across the organization.
• Provides IT support for regulatory and compliance activities.
• Creates helpdesk support tickets.
• Keeps IT informed on tips and techniques to enhance cyber security posture.
• Recommends security enhancements.
• Additional duties as assigned.

Benefits

• 401(K) Retirement Saving Plan w/ Employer Match
• Low-Cost Health, Dental & Vision insurance (Starting DAY ONE)
• Tuition & Certification Reimbursement
• Paid Time Off – (15 Days; prorated before 1st year)
• Parental Leave
• Paid holidays