Storable is looking for a DevSecOps Engineer who will be responsible for facilitating software engineers to shift left so security can be introduced earlier in the lifecycle of the app development process. This role requires advanced skills in securing CI/CD pipelines in both legacy and modernized application environments.
Collaboration with security engineers, architects, developers, vendors and other business functions to provide secure and resilient applications will be the key to success.
- Build reusable components that make it easy for our engineers to do the right thing safely across many product lines
- Shift security left by introducing security feedback loops into our CI/CD solution (GitLab). Including but not limited to IAST, SAST, DAST, container scanning, API scanning, and secret detection
- Develop and help integrate security scanning into a wide variety of production environments to ensure compliance
- Build tools that scan and enforce policies to allow Developers to do their job effectively, while maintaining least privilege access
- Provide reporting mechanisms that arm our engineering managers with the knowledge to address security concerns effectively
- Provide technical expertise and training to other Platform engineers to ensure security is integrated into our platform solutions
- Work with other Security experts in our organization to develop relevant training and onboarding materials for all employees
- Provide solutions for common Disaster Recovery methodologies that automate backup and restore processes
- Provide templates for secure system configurations using automated tools that ensure compliance with configuration management policies
- Develop tools to assist and support developers on securing Git Workflows
- Maintain contact with vendors, industry peers, and professional associations to keep informed of existing and evolving industry standards, technologies, and cyber threats
- Identify, evaluate, and conduct proof-of-concepts for new technologies, enabling secure development of core architectural components.
- 5+ years of experience designing automated solutions/strategies involving security in Cloud architecture (AWS Preferred)
- 5+ years of infrastructure operations/engineering experience with record demonstrating the delivery of high-quality, large-scale solutions requiring planning and change control
- 3+ years experience of implementing security practices in CI/CD (GitLab) and containerized environments (Docker, Kubernetes)
- Experience building new Linux systems and upgrading and patching existing ones. Familiarity with Windows environments
- Proficiency with two or more languages: Bash, PowerShell, Python, Ruby, Perl, Go, etc
- Proficiency with Configuration management like Chef, Puppet, or Ansible in production environments
- Proficiency with Infrastructure as Code solutions (Terraform Preferred)
- Strong foundation in security technologies and OWASP top 10 standards, including secure authentication, secure data storage etc..
- Experience with IAST, SAST, DAST, container scanning, API scanning, and secret detection tools
- Familiarity with Information Security frameworks/standards (i.e. CIS, NIST, RFC2196, etc)
- Ability to understand and create security threat models
- Expertise in cloud infrastructure automation to include AWS, GCP, or Azure
- Strong communication, organizational and interpersonal skills
- CISM, CISSP or other Security Certifications
At Storable, we believe storage operators should have one partner they can trust to help you get the results they need for their business. That’s why we’ve built the industry’s first fully integrated platform that offers facility management software, facility websites, marketing programs and services, payments, and deeply integrated tenant insurance capabilities all in one solution.
We leverage our platform in combination with our over 25 years of storage industry expertise to help our thousands of storage customers achieve their tenant experience and operational efficiency objectives every single day.
- Generous health coverage for you and your family, including short- and long-term disability coverage, 401(k) and HSA matching, two-times base salary company-provided life insurance, emergency loans, legal coverage and more.
- Engage remotely! Since 2020, we’ve transitioned to a fully remote environment but that doesn’t mean we’re not connected. We continue to run regular contests, trivia games, and virtual happy hours!
- Instant-access and flexible vacation. We trust you, so we have a ‘take what you need’ vacation policy. No waiting to use it or need for accruals.
- Do More, Be More – company rewards and recognition that add up and can be redeemed for personalized gifts and experiences! Storriors have been able to enroll in scuba certification classes, travel overseas, and redo their back patio among many other things.
- Company anniversaries, birthdays, weddings, adding children to a family, first-time home buyers and more are celebrated.
- We encourage you to get active in the community by joining one of our offsite volunteer and community service events and by using volunteer PTO time.
- Self-care matters, so we offer the opportunity to take a load-off and enjoy a mental health day outside of your normal PTO time.
- Fully-paid parental leave: 12 and 6 weeks for primary and secondary caregivers respectively.
- ’Paw’ternity Leave and Pet Bereavement - we understand that pets are a part of the family and have generous time-off policies, which honor that commitment.
- Caregiver Leave: four weeks of fully paid time away from work to take care of aging dependents or family members, if needed.
- Monthly home data stipend added directly to your paychecks to help cover the cost of home internet, plus a home office sign-on bonus of $250.
Don't check all the boxes? Studies have shown that women and people of color are less likely to apply for a job unless they meet every single qualification, especially in the tech industry. At Storable, we are devoted to strengthening and upholding a diverse, inclusive, and authentic workplace. If you’re excited about this role but your professional background doesn’t perfectly align with the qualifications above, we encourage you to apply. Even if this role isn’t the right match, we would love to have your resume on file for future opportunities!
Storable is committed to providing equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Storable will provide reasonable accommodations for qualified individuals with disabilities.