Senior DevSecOps Engineer

About The Position

Requirements

• A Bachelor's degree in a quantitative or business field (e.g., statistics, mathematics, engineering, computer science) and Requires 4 – 6 years of related experience. Or equivalent experience acquired through accomplishments of applicable knowledge, duties, scope and skill reflective of the level of this position.
• Experience with one or more of the following: Linux or Windows, Docker, Kubernetes, SQL/NoSQL Databases and CI/CD tools
• Experience with scripting languages and automation tools such as Ansible
• Experience with infrastructure-as-code tooling such as Terraform or CloudFormation
• Knowledge of large-scale Front-End architecture and data-driven development
• Knowledge of security concepts and secure coding practices
• Experience with vendor support for troubleshooting and installations.
• Intermediate - Seeks to acquire knowledge in area of specialty
• Intermediate - Ability to identify basic problems and procedural irregularities, collect data, establish facts, and draw valid conclusions
• Intermediate - Ability to work independently
• Intermediate - Demonstrated analytical skills
• Intermediate - Demonstrated project management skills
• Intermediate - Demonstrates a high level of accuracy, even under pressure
• Intermediate - Demonstrates excellent judgment and decision making skills

Responsibilities

• Drives the automation of secure software builds, test and deployment systems, and infrastructure.
• Manages various development, test, staging, and demo environments (code deployment using CI/CD pipelines, backups, data refreshes), as well as deploys and manages software in production environment while leveraging automation.
• Continually advances the technology in a collaborative and creative agile environment using the latest technologies and industry best practices to deliver solutions which meet business objectives more effectively.
• Incorporates security into development builds, and creates a "security as code" culture that prioritizes delivery of secure services as a core characteristic.
• Partners with software engineers to identify security vulnerabilities in code and develop mitigation recommendations
• Promotes a DevSecOps and Agile mindset across the technology functions
• Designs, creates, and supports complex security tests in CI/CD pipelines, such as container and API scanning
• Designs and implements effective and efficient tools to secure build/release pipelines for cloud native services
• Develops moderately complex code for collecting and injecting data from security vendors API’s
• Proactively evolves the existing platform by guiding security standards and implementing improvements
• Partners with the platform engineering team to develop complex CI/CD security processes
• Designs solutions that are compliant with partner security compliance requirements
• Implement automated secrets management, credential rotation, and other secure API authentication techniques
• Evaluates latest information security threats and recommends suitable defense measures
• Reviews architectural changes for security implications and recommends enhancements
• Develops information security activity monitoring reports
• Stays updated on latest technologies to improve security practices to create advantage
• Identifies, evaluates, and conducts proof-of-concepts for new technologies, enabling secure development of core architectural components
• Performs other duties as assigned
• Complies with all policies and standards

Benefits

• competitive pay
• health insurance
• 401K and stock purchase plans
• tuition reimbursement
• paid time off plus holidays
• a flexible approach to work with remote, hybrid, field or office work schedules.