Remoote.app

Work from anywhere. Start here.

Free resume builderCompaniesLog in
Apply

DevSecOps Engineer II

Posted about 1 month agoViewed

View full description

💎 Seniority level: Senior, 5+ years

📍 Location: United States

🔍 Industry: Information Security

🗣️ Languages: English

⏳ Experience: 5+ years

🪄 Skills: AWSPythonBashCloud ComputingCybersecurityGitAzureCI/CDLinuxDevOpsTerraformMicroservices

Requirements:
  • Minimum five (5) years of supporting / implementing network security platforms & strategies.
  • Minimum three (3) years of experience in information security.
  • Thorough understanding of information security—call it a security ethos—capable of being shared as best practices that provide guidance to other organizations within Allegiant as well as provide skills uplift to the information security engineering team.
  • Hands-on experience with security engineering tasks in DevSecOps workflows.
  • Strong knowledge of, and long working experience with, Terraform Infrastructure as Code.
  • Capable of utilizing and maintaining popular code linting tools such as Bandit, JShint, ShellCheck, ESLint, Pylint, Checkov (IAC) and Rubocop to enforce coding standards and improve code quality.
  • Skilled in the creation and maintenance of scripts in Python, Bash or Powershell to automate security tasks and improve efficiency.
  • Strong knowledge of public cloud security and private cloud security constructs, and the effective deployment of cloud security tools such as network security groups, NGFW, IAM.
  • Familiarity and experiences with Amazon routing and load balancing technologies including ALB (Application Load Balancers), NLB, and Gateway Load Balancer.
  • Experience Network routing protocols such as BGP, OSPF, EIGRP, IGRP, RIP, and RIPv2 with accompanying best practices.
  • Experience with Cloud network resources such as VPC (Virtual Private Cloud) peering and Transit Gateway.
  • Experience and proven ability to work under time constraints and pressure.
  • Ability to work independently and as part of a team, and being comfortable working in a fast-paced, dynamic environment.
  • Capable of advising and implementing CloudFormation & Terraform IAC best practices and security.
Responsibilities:
  • Develop and maintain Infrastructure as Code (IaC) pipelines on AWS and Azure.
  • Work closely with development and security teams to ensure that our infrastructure meets the highest standards of security and compliance.
  • Build and maintain automated security and compliance checks for our infrastructure.
  • Develop and maintain monitoring and alerting systems for our infrastructure.
  • Automate security response and remediation processes.
  • Protect the organization's computer systems, networks, and data through the troubleshooting and maintenance of security measures.
  • Demonstrate excellent problem-solving skills, attention to detail, and effective communication skills.
  • Remain apprised of CSP (Cloud Service Provider) best practices and documentation, maintaining appropriate certifications and sharing findings with teams during weekly meetings.
  • Create and maintain scripts in Python, Bash or PowerShell to automate security tasks and improve efficiency.
  • Utilize and maintain popular code linting tools such as Bandit, JShint, ShellCheck, ESLint, Pylint, Checkov (IAC) and Rubocop to enforce coding standards and improve code quality.
  • Develop and maintain security policies and procedures for AWS IAM, AWS Key Management, and AWS Certificate Manager to ensure best practices are being followed.
  • Monitor and maintain Cloudflare WAF to ensure that web applications are protected from OWASP Top 10 vulnerabilities.
  • Manage and configure AWS Guard Duty to detect and respond to security incidents in real-time.
  • Work with SIEMs to ensure that logs and events are being captured and analyzed to identify potential security threats.
  • Use Terraform IAC to create and manage AWS infrastructure in a secure and compliant manner.
  • Write Python scripts to automate security tasks and improve efficiency.
  • Use Checkov IAC Linting to ensure that AWS infrastructure code is compliant with security best practices.
  • Create and manage AWS Lambda functions to automate incident response and remediation tasks.
  • Configure AWS Event Bridge and AWS CloudWatch to monitor infrastructure and trigger alerts when security events occur.
  • Work with the team to review and approve Github pull requests, and troubleshoot Github action and custom pipeline builds.
  • Troubleshoot AWS Network Infrastructure and infrastructure as code to promptly resolve incidents and minimize downtime and maximize uptime.
  • Advise on network protocol, operating system, cryptography, and AWS cloud security.
  • Maintain security controls, evaluate products and technologies, and integrate them into IT systems and applications.
  • Deploy AWS security measures and conduct regular security assessments.
  • Debug Terraform & CloudFormation infrastructure as code builds in custom pipelines as well as in GitHub Actions.
  • Work independently and as part of a team in a fast-paced, dynamic environment.
  • Deploy security measures to protect data stored on public clouds against unauthorized access.
  • Deploy identity and access management roles and permissions in Allegiant’s cloud providers.
  • Remain up to date on CSP best practices and documentation and share findings with teams.
  • Automate security tasks and improve efficiency with scripts in Python, Bash, Terraform or PowerShell.
  • Work effectively in an Agile Scrum workflow, demonstrating strong project management hygiene.
  • Provide advanced in-depth, top-level support for complex information security issues at all Allegiant locations.
  • Work with application developers to identify security requirements and issues.
  • Document components of the Allegiant information security systems.
  • Remain apprised of CSP (Cloud Service Provider) best practices and documentation, maintaining appropriate certifications and sharing findings with teams during weekly meetings.
  • Develop and implement AWS Lambda functions to automate incident response and remediation tasks.
  • Configure AWS Event Bridge and AWS CloudWatch to monitor infrastructure and immediately alert the team when security events occur.
  • Collaborate with the team to review and authorize Github pull requests, and identify and resolve issues with Github Actions and custom pipeline builds.
  • Model Allegiant’s customer service standards in personal actions and when providing direction.
  • Other duties as assigned.
Apply