Senior DevOps Engineer

CarvanaTempe, AZ
72d
Match Resume

About The Position

We are hiring a Senior Security Engineer to join our DevSecOps Team. This role will ensure that our applications, services, and websites are designed and implemented with security by design, while also fortifying our security infrastructure. You will be responsible for discovering and addressing security risks, issues, and threats across the entire development lifecycle. This includes building security automation to enable secure development practices, evangelizing security with our engineering teams, and managing edge security processes.

Requirements

  • Solid understanding of edge security processes: Firewalls, SIEM, and log storage systems like Splunk or Datadog.
  • Hands-on experience in cloud security environments (Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP)).
  • Hands-on experience with containers (Docker, Kubernetes).
  • Hands-on experience with WAF security.
  • Extensive experience in DevOps or DevSecOps.
  • Strong understanding of the Secure Software Development Lifecycle (SSDLC).
  • Various build technologies, code repositories, and CI/CD pipeline processes (ADO, GitHub).
  • Embedding security tooling.
  • Comprehensive knowledge of various security domains, including web security (OWASP Top 10, CWE Top 25) and network security.
  • Knowledge of application security testing tools and methodologies (e.g., SAST, DAST, IAST).
  • Strong self-starter with technical acumen, communication and influence skills.
  • Proven ability to solve complex problems, develop risk-based solutions, and balance security with engineering requirements.
  • 5+ years of experience.

Nice To Haves

  • Cybersecurity.
  • In-depth understanding of web application vulnerabilities and mitigation techniques.
  • Familiarity with Azure Key Vault and other secrets management solutions.
  • Bachelor's degree in Computer Science or a related field, or equivalent practical experience.

Responsibilities

  • Implement comprehensive security tooling throughout the entire software development lifecycle, including integrating security into the Secure Security Development Lifecycle (SSDLC) and CI/CD pipeline.
  • Foster a culture of security-driven development through close collaboration with engineering, development, and operations teams.
  • Act as a Subject Matter Expert (SME) in application and infrastructure security.
  • Provide expert advice, consultation, and training.
  • Proactively identify, remediate, and manage vulnerabilities.
  • Communicate complex technical security problems to technical and non-technical stakeholders.
  • Work alongside the Senior DevSecOps Engineer to implement and manage firewalls, Security Incident Event Management (SIEM), and log storage systems (e.g., Splunk, Datadog).
  • Oversee application security initiatives, including vulnerability assessments and penetration testing.
  • Develop and manage a Security Champions program to promote security awareness and best practices throughout the organization.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Senior

Industry

Motor Vehicle and Parts Dealers

Education Level

Bachelor's degree

Number of Employees

5,001-10,000 employees

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service