DevSecops Engineer

About The Position

Requirements

• 3-4+ years of experience in developing and deploying security technologies
• Experience with modern Software Development Lifecycles and CI/CD practices
• Experience for the remediation of vulnerabilities sourced from Static Analysis, Open Source Scanning, Mobile Scanning, and API Scanning
• Proficiency in Public Cloud (AWS/Azure/GCP) & Network Security
• Experience with Docker, Kubernetes, Security-as-Code, and Infrastructure-as-Code
• Experience with one or more general-purpose programming/script languages including but not limited to: Java, C/C++, C#, Python, JavaScript, Shell Script, PowerShell
• Experience with implementing and managing data protection measures and compliance with data protection regulations (e.g., GDPR, CCPA)

Nice To Haves

• Familiarity with OWASP Application Security Verification Standard
• Experience with direct, remote, and virtual teams.
• Understanding of at least one compliance framework (HIPAA, HITRUST, PCI, NIST, CSA).
• Proficient technical expertise with Static Analysis, Open Source Scanning, Mobile Scanning, and API Scanning security solutions for data warehouses and big data platforms, particularly with technologies like GitHub Advanced Security, Checkmarx, and Snyk.
• Proficient technical expertise in defining and implementing cyber resilience standards, policies, and programs for distributed cloud and network infrastructure, ensuring robust redundancy and system reliability.
• Demonstrated ability to oversee metric collection, perform analysis, and deliver insights to senior leadership through clear, data‑driven presentations
• Experience helping manage and optimize workflow for a Kanban-based team
• Proficient data analytics skills, including identifying trends, deriving actionable insights, and supporting decision-making
• Proficient in utilizing data analytics and reporting platforms, including PowerBI, Grafana, Tableau, and related tools.
• Demonstrated expertise in developing security automation solutions within CI/CD pipelines

Responsibilities

• Develop and enforce engineering security policies and standards
• Develop and enforce data security policies and standards
• Drive security awareness across the organization
• Drive accountability in collaborative team Kanban practices
• Collaborate with Engineering and Business teams to develop secure engineering practices
• Serve as a Subject Matter Expert for Application Security
• Work with cross-functional teams to ensure security is considered throughout the software development lifecycle
• Analyze, develop, and configure security solutions across multi-cloud, on-premises, and colocation environments, ensuring application security, integrity, confidentiality, and availability of data
• Lead security testing, vulnerability analysis, and documentation
• Design, develop, and maintain enterprise-level reporting utilizing platforms such as PowerBI, Grafana, Tableau, and similar tools
• Participate in operational on-call duties to support infrastructure across the enterprise
• Develop incident response and recovery strategies

Benefits

• medical
• dental
• vision coverage
• paid time off
• retirement savings options
• wellness programs