DevSecOps Engineer

About The Position

Requirements

• Hands-on experience as a DevSecOps engineer with a deep understanding of network security, including Firewalls, WAF, PKI, SIEM, Endpoint Security, IDP, application security, and more.
• Extensive experience with at least one major public cloud platform (Azure, AWS, or GCP).
• Solid experience with Infrastructure as Code (IaC) and Configuration Management (CM) tools such as Terraform, CloudFormation, and Ansible.
• Proficiency in coding with scripting languages such as PowerShell, Bash, Python, Go, or equivalent.
• In-depth understanding of DevOps practices, CI/CD pipelines, version control systems, and embedding security controls into their lifecycle.
• Strong expertise in Linux or Windows systems and related IT technologies.
• Eagerness to learn and grow with the role, adapting to new challenges and technologies as the position evolves.

Nice To Haves

• Experience with various Azure services such as Service Fabric, AKS, Virtual Machine Scale Sets, Virtual Networks, Azure SQL, Azure AD, App Service, Function Apps, ACI, etc.
• Familiarity with application security testing tools such as SAST, DAST, IAST.
• Experience with Kubernetes, containers, and microservices architecture.

Responsibilities

• Be a key member of our global R&D DevOps team, responsible for securing a diverse production environment based on Microsoft Azure, powering a data security platform.
• Own the end-to-end development and implementation of platform security features, ensuring they are fully integrated into our cloud environments.
• Design and implement secure cloud networks and infrastructure for complex pre-production and production environments.
• Establish and enforce DevSecOps best practices within our CI/CD pipelines and automation processes.
• Take an active role in reviewing and guiding other DevOps engineers on all aspects of security, providing mentorship and ensuring that security best practices are followed across the team.
• Continuously monitor applications and infrastructure for security vulnerabilities, coordinating prompt remediation efforts.
• Research and implement new cloud security services, open-source tools, and technologies to enhance security posture.
• Collaborate closely with R&D engineering teams in designing and implementing new security features and ensuring that security requirements are incorporated from the outset.