The Weather Company

DevSecOps Engineer

The Weather Company

full-time

Posted on:

Location Type: Remote

Location: United States

Visit company website

Explore more

AI Apply
Apply

Tech Stack

AWSAzureCloudDockerGroovyJavaScriptJenkinsKubernetesPerlPHPPythonRuby

About the role

  • Set up and automate regular system patching
  • Set up and automate static and dynamic code scanning
  • Set up and automate vulnerability scanning
  • Automate the creation of tickets and the production of evidence from scanning tasks
  • Automate change management processes
  • Build security and compliance dashboards and reports
  • Perform security reviews on build environments and ensure all systems are maintained with the latest patches, and that security best practices are being followed
  • Participate in agile/scrum processes to help ensure that security deliverables are triaged, prioritized, and slipstreamed into product delivery processes
  • Collaborate and coordinate with 3rd party security consultants.
  • Manage audit processes and triage results with the team.

Requirements

  • 5+ years of professional experience as a DevSecOps engineer
  • Deep understanding of build automation processes and tools (GitHub Actions, Vercel, Jenkins, TravisCI)
  • Expertise with container technologies (Docker, Kubernetes, Helm)
  • Experience with different compliance standards (SOC2, CMMC, NIST, ISO)
  • Familiarity with the Department of Defense (DoD) Impact Level 6
  • Ability to script/code in at least two of the following languages: bash, perl, python, ruby, groovy, JavaScript, PHP
  • Solid understanding and experience with APIs (REST, XML, JSON)
  • Extensive experience with at least one cloud provider (AWS, Azure)
  • Experience with security tooling (Checkmarx, OWASP Zap, Skyk, Dependabot)
  • Familiarity with issue tracking systems, especially JIRA
  • Good communication and organizational skills
  • Self-starter, open to learning new skills and accepting new challenges.
Benefits
  • SkillBridge Eligibility: Active-duty service member within 180 days of separation.
  • Able to obtain command approval to participate.
  • Meets basic qualifications for the role.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
DevSecOpsbuild automationscriptingAPIscloud computingsecurity toolingvulnerability scanningcode scanningchange managementsecurity reviews
Soft Skills
communicationorganizationalself-startercollaborationagileprioritizationtriageproblem-solvingadaptabilitylearning
Certifications
SOC2CMMCNISTISO