Why is remote work so nice? Let's try to see!
Apply
Senior DevSecOps Engineer
Posted 6 days agoViewed
Requirements:
- Comfortable with a Linux-based tech stack (managed VMs, SSH, VPNs, firewalls,)
- Experience with Kubernetes (incl. managed), Terraform, Ansible, Github, Gitlab,, ArgoCD, Image registries
- Experience with various cloud platforms including, Google Cloud, non-managed providers
- Understanding of blockchain tech and associated tooling (wallets, keys, RPC nodes and indexers etc.)
Responsibilities:
- Advising Infra Engineering and IT teams on security topics and supporting their work from the security standpoint — maintaining things
- Automation of security controls, security hardening of the developer and IaC processes (building, testing, release), supply chain security (part of the build process), related metrics and monitoring/audits
- Network, Vm & container image and system hardening, Cloud issues and misconfigurations
- Endpoint Security, Infrastructure Identity and Access Management, SIEM, Threat intelligence, common misconfigs (DNS, email, networking, etc.)
- Organising and performing penetration testing of our infrastructure, and collaborating with external parties on those tests.
- Picking tools, methods and approaches to maintain and improve the security stance of the company. (And we have a strong preference towards FOSS tooling when possible)
- Writing and enabling adoption of company-wide security standards and guidelines, as well as implementing tools and automation to enable their deployment.
- Mentoring other team members on all matters related to security and IT and infrastructure engineering.
Related Jobs
Apply
🔥 Senior DevSecOps Engineer
Posted 3 months ago
📍 United States of America
🧭 Full-Time
💸 145000.0 - 170000.0 USD per year
🔍 Software Engineering, Cloud Services, Scientific Research
🏢 Company: external
- Minimum of a college or university degree in a related field.
- 5-7 years of work experience in a related job discipline.
- Strong understanding of security concepts including threat modeling and vulnerability management.
- Knowledge of SDLC and cloud security principles.
- Experience with container security and AWS services.
- Skills in scripting (Python, Bash) and Linux administration.
- Lead the implementation and monitoring of security procedures and controls.
- Integrate security features into the software development life cycle.
- Define and document cloud infrastructure architecture.
- Deploy, operate, monitor, and maintain production Globus services.
- Assist other team members in addressing operational issues.
- Design new systems, features, and tools while solving complex problems.
AWSDockerPostgreSQLPythonBashDynamoDBElasticSearchNginxCI/CDRESTful APIsLinuxTerraformNetworking
Posted 3 months ago
ApplyApply
🔥 Senior DevSecOps Engineer
Posted 4 months ago
🧭 Full-Time
🔍 Telecommunications
- Bachelor's degree in Computer Science, Cybersecurity, or a related field.
- 5+ years of experience in DevSecOps, Security Engineering, or a similar role with a strong focus on cloud security.
- 3+ years of hands-on experience with AWS services, including expertise in container orchestration, IAM, and security best practices.
- 2+ years of experience with Kubernetes, including securing Kubernetes clusters and deployments.
- Deep understanding of SAST, DAST, and container security solutions, API security testing tools, with experience implementing and managing these tools.
- Proven experience in vulnerability assessment, threat modeling, and remediation techniques.
- Experience with security incident response, including developing incident response plans and conducting post-mortems.
- Proficiency in at least one programming language (Python, Go, Java, etc.) for automation and tooling.
- Proficiency in infrastructure-as-code tools (e.g., Terraform) and CI/CD platforms (e.g., GitHub Actions, Jenkins).
- Excellent communication and collaboration skills with the ability to work effectively in a fast-paced environment.
- Design, implement, and manage security solutions across the entire software development lifecycle (SDLC), with a focus on automation and continuous integration/continuous delivery (CI/CD) pipelines, including robust API security measures and authentication protocols.
- Champion security best practices within engineering, DevOps, SRE, and IT teams, fostering a culture of shared responsibility for security.
- Proactively identify and remediate security vulnerabilities in applications, mitigating OWASP Top 10 vulnerabilities, infrastructure, and cloud services through threat modeling, vulnerability assessments, and penetration testing.
- Develop and maintain security monitoring and alerting solutions to detect and respond to potential security incidents in real-time and prevent common cyber attacks such as DDoS, injection attacks, and credential stuffing.
- Define and enforce secure coding standards and provide training and mentorship to development teams on DevSecOps principles.
- Lead compliance initiatives by contributing to security policies, controls, and audit readiness for SOC 2, ISO 27001, GDPR, and other relevant regulations.
Posted 4 months ago
ApplyRelated Articles
Posted 7 months ago
Insights into the evolving landscape of remote work in 2024 reveal the importance of certifications and continuous learning. This article breaks down emerging trends, sought-after certifications, and provides practical solutions for enhancing your employability and expertise. What skills will be essential for remote job seekers, and how can you navigate this dynamic market to secure your dream role?
Posted 7 months ago
Explore the challenges and strategies of maintaining work-life balance while working remotely. Learn about unique aspects of remote work, associated challenges, historical context, and effective strategies to separate work and personal life.
Posted 8 months ago
Google is gearing up to expand its remote job listings, promising more opportunities across various departments and regions. Find out how this move can benefit job seekers and impact the market.
Posted 8 months ago
Learn about the importance of pre-onboarding preparation for remote employees, including checklist creation, documentation, tools and equipment setup, communication plans, and feedback strategies. Discover how proactive pre-onboarding can enhance job performance, increase retention rates, and foster a sense of belonging from day one.