Senior DevSecOps Engineer

View full description

Requirements:

• Experience implementing security tooling in CI/CD platforms, including SCA and SAST tools.
• Ability to participate in software architecture discussions for security best practices.
• Deep knowledge and experience with AWS Security tools such as GuardDuty, SecurityHub, Inspector, and Config.
• Proven experience developing, operating, and maintaining security systems.
• Knowledge of DevOps Automation tools and experience with Terraform.
• Extensive knowledge of operating system, network, and database security.
• Experience with security tools such as Wiz and Mend/Snyk, or equivalent.
• Proficiency in networking technologies and network monitoring solutions.
• Knowledge of security systems including anti-virus applications, firewalls, and intrusion detection.
• In-depth knowledge of security protocols and principles.
• Knowledge of the implementation of risk assessment techniques and security best practices.
• Bachelor's degree from an accredited college or university or equivalent industry experience.

Responsibilities:

• Collaborate with Development, Operations, and Security Teams to integrate security into the CI/CD pipeline.
• Lead projects to implement tools such as SAST, DAST, and SCA.
• Identify and recommend changes for security design gaps.
• Design, implement, and maintain security automation tools and processes.
• Manage AWS security services such as GuardDuty, SecurityHub, Inspector, and Config.
• Perform regular security assessments and coordinate penetration tests.
• Communicate security metrics across various levels of the organization.
• Lead security audits to ensure adherence to SOC and FedRAMP standards.