DevSecOps Engineer

The Ideal Candidate

The ideal candidate is one with a strong background in information security and DevOps. Relevant experience includes having secured cloud network traffic as well as automating security processes regarding security-related compliance standards. 

The Role

The DevSecOps Engineer is required to partner with all teams across the global company, particularly Engineering, Product, and Enterprise Support, to ensure the security of our SDLC pipeline, provide business value, and be cost-effective.

Responsibilities

• Develop, document, and implement CI/CD strategy for management of Infrastructure as Code (IaC) and Policy as Code baseline.
• Develop and document shared infrastructure component management strategy to provide consistent standardized container, OS, and application baselines for infrastructure components available through self-service.
• Identify requirements, develop, document, and implement branching strategy to support change management requirements while automating as much of the deployment process as practical in the (IaC) CI/CD pipeline.ie. Selenium, Prometheus, or OpenSearch or various DevSecOps functioning to include system debugging.
• Review, debug, and resolve technical issues throughout all stages of SDLC.
• Assist with process development and process improvement for Security Operations to include creation/modification of SOPs, playbooks, and work instructions.
• Measure effectiveness of process improvement and automation efforts via metrics and KPIs.
• Perform integration activities to connect with third-party software APIs.
• Design, implement, and maintain efficient and reusable Python and Terraform code.
• Work with stakeholders to develop requirements and deliverables.
• Communicate with project managers on a frequent basis. Identify tasks and issues that may have an impact on service levels or schedules. Provide realistic task and cost estimates.
• Maintain a current and working knowledge of IT development methodology, architecture design, and technical standards.
• Partner with other company teams, particularly our Engineering, TSE and Client Experience teams, in provisioning cloud infrastructure environments for development, POC, demos, and our production SaaS service.
• Security event monitoring of runtime environments, e.g. API Threat Prevention, Container Runtime Security, Cloud, etc.
• Knowledge of cloud-based security issues and related activities relating to threat detection, monitoring, and response.
• Evaluate the impacts of change requests on own/shared technologies and effectively persuade and influence others on ideas.
• Review and approve documentation and diagrams created by team members (e.g., system specifications). Write documentation, including technical standards and processes.

Skills and Experience

Successful candidates for this role will generally possess the following qualifications and skills:

• 3+ years of experience leading cloud services design and deployments in technology such as SaaS, IaaS, and PaaS.
• 3+ years of experience in building and deploying cloud native solutions such as AWS, Azure, or Google Cloud Platform.
• Deep knowledge of DevSecOps tools and methodologies.
• Ability to influence and build relationships with LOB stakeholders, technology CIO leadership, external service providers, infrastructure, and enterprise architecture teams.
• Deep technical expertise in one or more of these areas: Storage, Compute, Databases, AIML.
• Professional Cloud Certification(s) from AWS, DSOE.
• Experience working with cloud security management or governance tools.
• Ability to manage initiatives related to cloud transformation, migration, modernization, and implementation.
• Excellent verbal, written, and interpersonal communication skills. Ability to articulate technical solutions to both technical and business audiences.
• Ability to deliver and engage with partners effectively in a multi-cultural environment by demonstrating co-ownership and accountability in a matrix structure.
• Ability to influence, partner, and negotiate with senior business leaders to drive strategic outcomes.
• Delivery focus and willingness to work in a fast-paced, enterprise environment. 

Personality Attributes

• Excellent problem-solving skills and the ability to troubleshoot complex issues.
• Strong communication and collaboration skills, with the ability to work effectively in a cross-functional team environment.
• Flexible, team player, goal-driven.
• Willing to take ownership of and proactively seek to improve on existing systems.
• Adaptability and self-motivation to excel in a mobile/remote-first team and company, demonstrating the capability to thrive in a distributed work environment while maintaining high productivity and communication standards.