FanDuel Group is a world-class team of brands and products that deliver sports betting, gaming and entertainment to millions of US sports fans, every day. That’s no easy task, and wouldn't be possible without a fantastic team who have helped us pioneer new products and innovative features that make us a leader in the industry. Whether you’re looking for better career progression, improved financial security or just a better sense of belonging we believe we’ve created a culture in which everyone can succeed, no matter how you got here.
Our roster has an opening with your name on it
As a valued member of the Security Operations team, the Senior DevSecOps Engineer will be responsible for assisting software engineers shift left so security can be introduced earlier in the lifecycle of the app development process. This role requires advanced skills in securing CI/CD pipelines in both legacy and modernized application environments. The DevSecOps team will work together to optimize and automate security controls for FanDuel Group (FDG) cloud applications in production.
Collaboration with security engineers, developers for other FanDuel apps, vendors and business units to constantly improve the overall security posture will be the key to success at FanDuel Group. We’re looking for a team player with highly technical analytical and communication skills to catalyze security best practices across FanDuel Group.
THE GAME PLAN
Everyone on our team has a part to play
- Automation of security process flows and security tests for containerized applications
- Design, create and support security tests in CI/CD pipelines, to include IAST, SAST, DAST, container scanning, API scanning, and secret detection
- Code in one or more programming languages, such as Python, Go or Java
- Develop code for collecting and injecting data from security vendors API’s
- Develop tools to assist and support developers on securing Git Workflows
- Provisioning and deployment of secure applications within hybrid cloud environments
- Design and apply Immutable Infrastructure and Infrastructure as code principles
- Responsible for the security of the software development lifecycle
- Maintain contact with vendors, industry peers, and professional associations to keep informed of existing and evolving industry standards, technologies, and cyber threats
- Identify, evaluate, and conduct proof-of-concepts for new technologies, enabling secure development of core architectural components.
What we’re looking for in our next teammate
- Minimum 8 years of experience working in an DevSecOps or DevOps role preferred
- Bachelor of Science degree in Information Security, Engineering, Computer Science or related field preferred
- Must be able to code in one or more programming languages, such as Python, Golang
- Minimum 3 years of experience securing cloud and containerized applications is preferred
- Minimum 2 years of experience applying security testing in CI/CD pipelines is preferred
- Minimum 2 years of experience working with large, complex networks and systems preferred
- Effective interpersonal skills
- Proficiency in multi-tasking and prioritizing projects
- Excellent time management skills and be accustomed to working within prescribed deadlines
- Experience working in AWS and/or GCP
- Infrastructure as Code in Terraform or CloudFormation
- Knowledge of containers and container orchestration, such as Docker and Kubernetes
- Ansible or Chef configuration management
- Secret management in HashiCorp Vault, Akeyless, SOPS or KMS
- Experience working with Security Operations and Engineering teams to provide input for regulatory and security audit items
- Ability to write architectural security design documents or review design documents provided by others
We treat our team right
Competitive compensation is just the beginning. As part of our team, you can expect:
- An exciting and fun environment committed to driving real growth
- Opportunities to build really cool products that fans love
- Mentorship and professional development resources to help you refine your game
- Flexible vacation allowance to let you refuel
- Hall of Fame benefit programs and platforms
FanDuel Group is an equal opportunities employer. Diversity and inclusion in FanDuel means that we respect and value everyone as individuals. We don't tolerate bias, judgement or harassment. Our focus is on developing employees so that they reach their full potential.
The requirements listed in our job descriptions are guidelines, not hard and fast rules. You don’t have to satisfy every requirement or meet every qualification listed. If your skills are transferable and you are in the ballpark experience-wise, we'd love to speak to you!