Storable is looking for a DevSecOps Engineer who will be responsible for facilitating software engineers to shift left so security can be introduced earlier in the lifecycle of the app development process. This role requires advanced skills in securing CI/CD pipelines in both legacy and modernized application environments. 

Collaboration with security engineers, architects, developers, vendors and other business functions to provide secure and resilient applications will be the key to success. 

Responsibilities: 

  • Build reusable components that make it easy for our engineers to do the right thing safely across many product lines
  • Shift security left by introducing security feedback loops into our CI/CD solution (GitLab). Including but not limited to IAST, SAST, DAST, container scanning, API scanning, and secret detection 
  • Develop and help integrate security scanning into a wide variety of production environments to ensure compliance
  • Build tools that scan and enforce policies to allow Developers to do their job effectively, while maintaining least privilege access
  • Provide reporting mechanisms that arm our engineering managers with the knowledge to address security concerns effectively
  • Provide technical expertise and training to other Platform engineers to ensure security is integrated into our platform solutions
  • Work with other Security experts in our organization to develop relevant training and onboarding materials for all employees
  • Provide solutions for common Disaster Recovery methodologies that automate backup and restore processes
  • Provide templates for secure system configurations using automated tools that ensure compliance with configuration management policies
  • Develop tools to assist and support developers on securing Git Workflows 
  • Maintain contact with vendors, industry peers, and professional associations to keep informed of existing and evolving industry standards, technologies, and cyber threats 
  • Identify, evaluate, and conduct proof-of-concepts for new technologies, enabling secure development of core architectural components. 

Requirements 

  • 5+ years of experience designing automated solutions/strategies involving security in Cloud architecture (AWS Preferred)
  • 5+ years of infrastructure operations/engineering experience with record demonstrating the delivery of high-quality, large-scale solutions requiring planning and change control
  • 3+ years experience of implementing security practices in CI/CD (GitLab) and containerized environments (Docker, Kubernetes)
  • Experience building new Linux systems and upgrading and patching existing ones. Familiarity with Windows environments
  • Proficiency with two or more languages: Bash, PowerShell, Python, Ruby, Perl, Go, etc
  • Proficiency with Configuration management like Chef, Puppet, or Ansible in production environments
  • Proficiency with Infrastructure as Code solutions (Terraform Preferred)
  • Strong foundation in security technologies and OWASP top 10 standards, including secure authentication, secure data storage etc.. 
  • Experience with IAST, SAST, DAST, container scanning, API scanning, and secret detection tools
  • Familiarity with Information Security frameworks/standards (i.e. CIS, NIST, RFC2196, etc)
  • Ability to understand and create security threat models 
  • Expertise in cloud infrastructure automation to include AWS, GCP, or Azure
  • Strong communication, organizational and interpersonal skills 
  • CISM, CISSP or other Security Certifications

 

About Us:

At Storable, we believe storage operators should have one partner they can trust to help you get the results they need for their business. That’s why we’ve built the industry’s first fully integrated platform that offers facility management software, facility websites, marketing programs and services, payments, and deeply integrated tenant insurance capabilities all in one solution. 

We leverage our platform in combination with our over 25 years of storage industry expertise to help our thousands of storage customers achieve their tenant experience and operational efficiency objectives every single day.

Benefits and Perks: 
  • Generous health coverage for you and your family, including short- and long-term disability coverage, 401(k) and HSA matching, two-times base salary company-provided life insurance, emergency loans, legal coverage and more.
  • Engage remotely! Since 2020, we’ve transitioned to a fully remote environment but that doesn’t mean we’re not connected. We continue to run regular contests, trivia games, and virtual happy hours!
  • Instant-access and flexible vacation. We trust you, so we have a ‘take what you need’ vacation policy. No waiting to use it or need for accruals.
  • Do More, Be More – company rewards and recognition that add up and can be redeemed for personalized gifts and experiences! Storriors have been able to enroll in scuba certification classes, travel overseas, and redo their back patio among many other things.
  • Company anniversaries, birthdays, weddings, adding children to a family, first-time home buyers and more are celebrated.
  • We encourage you to get active in the community by joining one of our offsite volunteer and community service events and by using volunteer PTO time.
  • Self-care matters, so we offer the opportunity to take a load-off and enjoy a mental health day outside of your normal PTO time.
  • Fully-paid parental leave: 12 and 6 weeks for primary and secondary caregivers respectively.
  • ’Paw’ternity Leave and Pet Bereavement - we understand that pets are a part of the family and have generous time-off policies, which honor that commitment. 
  • Caregiver Leave: four weeks of fully paid time away from work to take care of aging dependents or family members, if needed.
  • Monthly home data stipend added directly to your paychecks to help cover the cost of home internet, plus a home office sign-on bonus of $250.

Don't check all the boxes? Studies have shown that women and people of color are less likely to apply for a job unless they meet every single qualification, especially in the tech industry. At Storable, we are devoted to strengthening and upholding a diverse, inclusive, and authentic workplace. If you’re excited about this role but your professional background doesn’t perfectly align with the qualifications above, we encourage you to apply. Even if this role isn’t the right match, we would love to have your resume on file for future opportunities!

Storable is committed to providing equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Storable will provide reasonable accommodations for qualified individuals with disabilities.

Apply for this Job

* Required
  
Google Drive
(File types: pdf, doc, docx, txt, rtf)
  
Google Drive
(File types: pdf, doc, docx, txt, rtf)

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in Storable’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Form CC-305

OMB Control Number 1250-0005

Expires 05/31/2023

Voluntary Self-Identification of Disability

Why are you being asked to complete this form?

We are a federal contractor or subcontractor required by law to provide equal employment opportunity to qualified people with disabilities. We are also required to measure our progress toward having at least 7% of our workforce be individuals with disabilities. To do this, we must ask applicants and employees if they have a disability or have ever had a disability. Because a person may become disabled at any time, we ask all of our employees to update their information at least every five years.

Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and not be seen by selecting officials or anyone else involved in making personnel decisions. Completing the form will not negatively impact you in any way, regardless of whether you have self-identified in the past. For more information about this form or the equal employment obligations of federal contractors under Section 503 of the Rehabilitation Act, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

Disabilities include, but are not limited to:

  • Autism
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, or HIV/AIDS
  • Blind or low vision
  • Cancer
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or hard of hearing
  • Depression or anxiety
  • Diabetes
  • Epilepsy
  • Gastrointestinal disorders, for example, Crohn's Disease, or irritable bowel syndrome
  • Intellectual disability
  • Missing limbs or partially missing limbs
  • Nervous system condition for example, migraine headaches, Parkinson’s disease, or Multiple sclerosis (MS)
  • Psychiatric condition, for example, bipolar disorder, schizophrenia, PTSD, or major depression

1Section 503 of the Rehabilitation Act of 1973, as amended. For more information about this form or the equal employment obligations of Federal contractors, visit the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.