Senior DevSecOps Engineer

Introduction

Are you searching for an opportunity to play a key role in driving the dramatic growth of a highly successful software company? 

At Poppulo, we’re working on what’s next in communications and workplace technology. As a pioneer in this industry, we understand that meaningfully reaching every employee is hard. And so is managing office space in a hybrid world. And so is improving the customer and guest experience. We exist to make each of these things easier. We exist to bring harmony to our customers. 

And we do that at enterprise scale. Our omnichannel employee communications, customer communications, and workplace experience platform is trusted by over 6,000 organizations today, reaching more than 35M employees and delivering content to 500,000+ digital signs.

We know there’s no such thing as a “perfect" candidate - we’re all a work in progress and are growing new skills and capabilities all the time. We encourage you to apply for a position with Poppulo even if you don’t meet 100% of the requirements. We believe in fostering an environment where there is a diversity of perspectives, in hopes that we can all thrive. 

Key Responsibilities:

• DevOps Integration: Collaborate with software development and IT operations teams to integrate security into the DevOps pipeline, automating security controls, and promoting a culture of security awareness.
• Security Automation: Develop and maintain automation scripts and tools for security testing, scanning, and monitoring of applications, infrastructure, and code repositories.
• Continuous Monitoring: Implement continuous monitoring solutions to detect and respond to security threats and vulnerabilities in real-time.
• Security Testing: Conduct regular security testing, including static analysis, dynamic analysis, and penetration testing, to identify and remediate vulnerabilities.
• Incident Response: Assist in developing and maintaining incident response plans, and actively participate in security incident response activities when necessary.
• Compliance: Ensure compliance with industry standards and regulations (e.g., GDPR, HIPAA, ISO 27001) by implementing necessary security controls
• Security Education: Provide training and guidance to development and operations teams on security best practices and tools.
• Toolchain Management: Evaluate, select, and maintain security tools and technologies that enhance the security posture of the organization.

Requirements:

• 6+ years experience in software development or DevSecOps role
• Bachelor’s degree in computer science, Information Security, or related field (or equivalent work experience).
• Proficiency in scripting and programming languages (e.g., Python, Ruby, Bash).
• Familiarity with containerization and orchestration technologies (e.g., Docker, Kubernetes).
• Proven experience in DevSecOps, including experience in automating security practices within a DevOps environment.
• Proficiency in DevOps practices, toolchain and processes – source code, build pipeline, deployment, observability, AWS
• Strong knowledge of security tools and technologies, such as vulnerability scanners, WAFs, SIEM, and IDS/IPS.
• Experience with cloud security best practices, preferably AWS, Azure, or GCP.
• Understanding of security exposure during product development and deployment – scanning, prioritizing and validating fixes.
• Knowledge of relevant tools - Snyk, Crowdstrike, SonarQube or similar
• Ability to communicate and collaborate with development teams, Devops team and security teams
• Experience with Incident Response, Security Audits, Monitoring and Analysis

Nice to Have:

• Relevant security certifications (e.g., CISSP, Certified Ethical Hacker, CompTIA Security+) are a plus.

Who We Are

We are a values-driven organization that encourages our employees to bring their authentic selves to work every day and empowers everyone to make a tangible impact on our products, clients, and culture. We offer a dynamic environment with driven, fun, and flexible individuals who thrive on challenge and responsibility. This is an opportunity to contribute to our culture and join a company that’s on the move.

We live the Poppulo values each day, as they are key to everything we do.

• Bring Your Best Self
  We show up authentically, are self-aware and always strive to be better.
• See it. Own it. Solve it.
  We proactively innovate and solve for our customers and each other. We set an example with high standards for our work. We foster a culture of learning, acknowledging our successes and our failures.
• Together We’re Better
  We value and celebrate our diversity. We learn from others, respecting their expertise, and focus on building trust. That's what makes us a team.

Named a Great Place to Work in 2015, 2016, 2017, 2018, 2019, 2020, and 2021, we are a fast-growing global technology company, with offices in Ireland, the US, and the UK.

Poppulo is an equal opportunity employer.

We disclose your personal information to our private equity sponsor, Vista Equity Partners, and its affiliates, including Vista Consulting Group (collectively, “Vista”), for administration, research, database development, workforce analytics and business operation purposes, in line with the terms of this Privacy Policy. Vista processes and shares your personal information with its affiliates, including other Vista portfolio companies, on the basis of its legitimate interests in managing, administering and improving its business and overseeing the recruitment process and, if applicable, your employment relationship with Four Winds Interactive LLC. If you have consented to us doing so, we also share your personal information with other Vista portfolio companies for the purpose of being considered for other job opportunities in the pooling system, both inside and outside the EEA. Please find a full list of all Vista portfolio companies at: https://www.vistaequitypartners.com/companies/ and Vista’s privacy policy at https://www.vistaequitypartners.com/privacy/. Where this requires us to transfer your personal information outside of the EEA, please refer to the FWI  Privacy Policy for further details on cross-border transfers. In connection with the recruitment process, your personal data may be transferred outside of the EEA to iCIMS and/or Greenhouse, Hirebridge, LLC and Criteria Corp., which provide applicant tracking and evaluation services. Hirebridge, LLC and Criteria Corp. have agreed to comply with the EU Standard Contractual Clauses to ensure that your personal information is adequately protected whilst outside of the EEA.