DevSecOps Engineer-6512

Compensation and Benefits

Pay range of $80/hr to $90/hr DOE.

Health & Medical Benefits, 401K, Employee Assistance Program, and Sick Time applicable by state.

Role Summary 

The Sr Security Engineer is a subject matter expert for cloud platform security. This role exercises considerable judgement in order to guide a large team of developers through application defects and provide best practices and solutions on how to defend against them.

Key Duties

·      Acts as a subject matter expert in cloud platform security

·      Builds tools and automation scripts that enable developers and engineers to easily consume security services.

·      Applies deep knowledge in industry methodologies to improve the accessibility of security through automation and continuous integration pipelines. Proposes solution designs, controls, and processes for secure cloud solutions.

·      Identifies and evaluates complex technology risks and internal controls, and provides recommendations on opportunities for internal control improvement and risk mitigation measures.

·      Oversees the implementation of internal security controls.

·      Manage the execution of incident response, developing solutions to resolving issues and complex problems.

·      Guides engineers and developers on proper techniques for designing and developing scalable applications and cloud deployments

·      Collaborates with Application Developers and Quality Assurance Engineers to perform testing of application or platform components and coaches on how to implement best practices

·      Manges the execution of penetration-testing activities.

·      Partners with Business Owners and Application Development teams on system assessments and reviews including analysis of capacity, reliability and performance of applications or infrastructures

·      Provides technical guidance to create a Development Security Operations culture. Creates and maintains security architecture artifacts (models, baselines, templates, diagrams, etc) that can be leveraged in new initiatives and operations and enforces policies and practices for system security and reliability.

Job-Specific Skills, Experience & Education

Required

·      4 years of experience in Software Engineering, Info Sec, or related

·      Bachelor’s degree or an additional two years of relevant training/experience in lieu of this degree.

·      Demonstrates strong understanding of information technology systems, business processes, security regulatory risk management and security vulnerabilities

·      Knowledge of security best practices for client-server architectures, focusing predominantly on cloud-based server development

·      Experience in DevOps culture with knowledge or experience delivering using Agile methodologies

·      Previous experience with maintaining static and dynamic code analysis tools

·      Demonstrated experience in advising and serving as a technical expert within a team

·      Experience implementing and operating static and dynamic analysis tools

·      Excellent verbal and written communication skills

·      Proficiency with Microsoft suite of tools including Word, PowerPoint, Excel, SharePoint

·      Ability to analyze, organize and simplify complex problems to develop practical solutions preferred

·      High school diploma or equivalent.

·      Minimum age of 18.

·      Must be authorized to work in the U.S.

Preferred

·      Strong demonstrated hands-on experience on implementing Application Security architectures

·      Experience using common security testing tools and techniques to perform a variety of security assessments across multiple platforms with significant expertise in either web or mobile penetration testing

Job-Specific Leadership Expectations

·      Embody our values to own safety, do the right thing, be kind-hearted, deliver performance, and be remarkable.