DevSecOps Engineer
CSI
AnsibleAWSAzureCloudCyber SecurityDNSFirewallsGoogle Cloud PlatformJenkinsPythonSDLCSplunk+1 more
Software Engineer, DevSecOps
Moveworks
full-time
Posted on:
Origin: • 🇺🇸 United States
Visit company websiteSalary
💰 $160,000 - $190,000 per year
Job Level
Junior
Tech Stack
AWSAzureCloudDockerKubernetesPythonTerraform
About the role
- Secure Infrastructure: Design, implement, and maintain secure infrastructure and environments (which includes FedRAMP compliant environment) consisting of applications, containers, virtual machines and cloud infrastructure.
- Vulnerability Management: Collaborate with teams to remediate and mitigate identified vulnerabilities. Also, work with the security team to assess vulnerabilities as well as identify potential security risks and weaknesses in the system.
- Security Automation: Develop and maintain security automation tools and scripts to streamline security processes and patch management as well as ensure consistent application of security controls across deployment pipelines and infrastructure.
- Incident Response: Respond to security incidents promptly, perform root cause analysis, and implement measures to prevent future occurrences.
- Security Audits and Compliance: Assist in security audits and compliance assessments to ensure adherence to industry standards and regulations. Collaborate with internal and external auditors to address any security-related findings.
- Collaboration and Documentation: Work closely with developers and security teams to identify security requirements and implement appropriate solutions. Maintain clear and comprehensive documentation of security practices, standards, and procedures.
Requirements
- Bachelor's degree in computer science, information security, or a related field.
- 1+ years of experience as DevSecOps / DevOps engineer.
- Good knowledge of software development processes and CI/CD pipelines.
- Proficiency in programming and scripting languages such as Python and Bash.
- Understanding of security principles, secure coding practices, and common vulnerabilities (e.g., OWASP Top 10).
- Familiarity with security tools and technologies such as static code analysis, vulnerability scanners, intrusion detection/prevention systems, and SIEM solutions.
- Experience with vulnerability management and automating processes for resolving vulnerabilities.
- Experience with cloud platforms (e.g., AWS, Azure, Google Cloud) and containerization technologies (e.g., Docker, Kubernetes).
- Experience with infrastructure-as-code tools (e.g., Terraform, CloudFormation). Knowledge of security frameworks and standards (e.g., ISO 27001, NIST, PCI DSS).
- An appetite for working at a startup pace on challenging problems with a high degree of ownership.
Similar jobs on JobTailor
Senior Software Engineer
PayPal
AWSAzureCloudDockerGoJavaKubernetesPythonSDLCTerraform
Lead Information Security Officer
Citi
AWSAzureCloudCyber SecurityGoGoogle Cloud PlatformJavaJavaScriptJenkinsPython
Senior AI Product Security Engineer
WillHire
AnsibleAWSAzureCloudDjangoDockerDynamoDBFlaskGoogle Cloud PlatformKubernetesPostgresPython+3 more
Lead DevOps Engineer, Cloud Engineering
Wolters Kluwer
AnsibleAWSAzureCloudDockerJavaJenkinsLinux.NETPythonShell ScriptingTerraform