03 Jan
DevSecOps Engineer
Texas, Dallas / fort worth , 75270 Dallas / fort worth USA

Vacancy expired!

Job Purpose: Our Team will be composed of security experts that adhere to the principles of DevSecOps. The DevSecOps team will deliver a range of services including security engineering, architecture, automation, configuration management, monitoring and alerting, enterprise infrastructure administration.

Key Responsibilities:
  • Own and lead infrastructure security monitoring and detection and response for our client, ensuring the infrastructure is appropriately designed and configured to monitor and alert for suspicious activity, particularly as new products/features are designed and released
  • Partner hand-in-hand with our Infrastructure/DevOps team to build the deployment guardrails; in order to gain high assurance on the assets living in our cloud.
  • Create design patterns for effective logging & monitoring, alert detection, and automated incident response
  • Proactively performing security assessments to prevent security vulnerabilities
  • Actively participate in the overall strategic planning of the Security team to identify and implement modern and effective security architectures, standards, and related tools & technologies
  • Experience working in a DevSecOps environment, and familiarity with source code control and CI/CD pipelines and related systems
  • Collection, management, and analysis of performance data
  • Foster a strong team culture by mentoring junior security engineers
  • Be a security thought leader for the organization
  • Conducting security-focused training and hackathons to raise developer awareness of security best practice

Requirements
  • Minimum 5+ years of experience design or building cybersecurity infrastructure services in AWS Cloud., e.g. vulnerability management, incident response, data protection, SIEM, etc.
  • Minimum 3+ years of progressive experience within a software security team or similar operating environment with an in-depth understanding of application security assessment methodologies
  • Excellent skills effectively articulating security requirements, both in highly technical terms and in business terms, using a balanced risk approach
  • Strong interpersonal skills including mentoring, coaching, collaborating, and team building
  • Ability to both work closely with software developers and management teams
  • Openness to share knowledge and teach others the DevSecOps philosophy
  • Strong background in ECS, Lamda, Cloudformation
  • Experience with Version Control systems - Git.
  • Ability to interact professionally with a diverse group, executives, managers, and subject matter experts
  • Hands-on experience working with services and tools such as IAM, SecurityHub, GuardDuty, Inspector CloudTrail, CloudWatch, Shield, WAF, KMS, ACM, Secrets Manager, Lambda, CloudWatch, PagerDuty, Slack, CloudCustodian
  • Familiarity with DevOps, CI/CD, and agile methodology.
  • Experience with JSON, YAML, CloudFormation a plus
  • Will collaborate with various teams to assess threats, develop appropriate countermeasures, and in the event of unauthorized activity respond to it.
  • Define and develop preventive guardrails, detective controls, and automated alerts and remediation to ensure IAM implementation in all cloud environments are compliant with rS' cloud security standards and policies.
  • Experience with integrating static and dynamic scanners in the S-SDLC
  • Automates every day and/or repeatable tasks, including security control enforcement

Technical / Educational Requirements
  • We value experience over a degree
  • AWS certifications a plus
  • CISSP, OSCP, GIAC, and or AWS Certified Security Specialty a plus

Vacancy expired!


Report job