DevSecOps Engineer

About The Position

Requirements

• 5+ years IT Experience
• Bachelor of Science in Computer Science, Information Systems, Mathematics, Engineering, or a related degree. Can substitute 3 additional years of relevant experience in lieu of a degree.
• 2+ years of experience working in Kubernetes environments. This experience must include engineering deployment strategies, experience hardening deployments, and hardening the control plane and worker nodes. Also, a key skill is to understand how to implement observability and altering into new and existing clusters.
• 2+ years of experience developing in containerized environments
• 2+ years of experience presenting the technical solutions you develop to other teams and organizing technical dependencies involving other teams.
• 4+ years of experience in DevOps or DevSecOps roles. Must have experience working closely with application or infrastructure teams as a DevOps or DevSecOps engineer and have experience developing with Ansible and Terraform.
• 4+ years of Cloud Platform and Security Engineering. Experience working with one or more cloud platforms (AWS experience preferred) to develop secure solutions that scale. This includes but is not limited to, AWS Lambda, Docker, and Kubernetes-related services, cloud network and cloud services, and a deep understanding of how to secure and observe those services.
• 2+ years of Security Engineering. Experience building and reviewing architectures, focusing on security best practices. An understanding of reading and implementing security y controls in new and existing architectures, coupled with the ability to communicate successfully with the greater security organization, is required.
• must be US Citizen and must be able to get Public Trust

Nice To Haves

• Strong experience with Kubernetes and service mesh orchestration: Must have experience with Kubernetes in production environments. Have experience with best practices in deploying Kubernetes and have a firm grasp on the challenges and solutions around securing a cluster. Experience with service mesh orchestration as a means to inject security (Istio, Linkerd, etc.) is a key piece of our projects.
• Strong DevSecOps practices: Experienced with injecting security hardening and best practices into existing and new projects that follow DevOps practices. The candidate is expected to absorb existing security strategies and engineer solutions in active and new CI/CD Pipelines, IaC, and configuration management tools. Looking for a candidate who is excited about shifting security early in the application and platform lifecycle and optimizing observability.
• Experienced DevOps Tools Management: Experience managing and contributing to tooling that helps keep the DevOps culture functional and fruitful for application teams. Experience managing and deploying CI/CD tools and artifact repositories is also considered favorable.

Responsibilities

• Participating in a rotating on-call schedule
• Integrating with application teams to act as security SME and assist with connecting to new and existing security-related tooling
• Reviewing and assisting application teams with architectural decisions pertaining to security best practices.
• Develop IaC using Cloud Formations and Terraform
• Develop reusable automation using Ansible
• Develop processes and automation to harden AMI and Docker Container Images
• Write and review Kubernetes Network and Service Mesh policies to create inner cluster security perimeters.
• Assist Security Organization with research and development of tooling and applications that can shift security into CI/CD Pipelines
• Develop Jenkins and CircleCI code to build or add onto new existing CI/CD pipelines
• Perform research and development on new Cloud offerings from a variety of Cloud Platforms.
• Develop example code, best practice documents, and processes to aid application and SecOps teams in deploying their service offerings.

Benefits

• None/Contract