Ziphire HR

Senior DevSecOps Engineer

Ziphire HR

full-time

Posted on:

Location Type: Remote

Location: Canada

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

AnsibleAWSAzureCloudDockerGoGoogle Cloud PlatformKubernetesLinuxPythonTerraform

About the role

  • Grow as the Subject Matter Expert (SME) for security best practices within the DevOps team
  • Promote a culture of security, automation, and continuous improvement by mentoring team members
  • Integrate and manage security controls and best practices across every stage of the software development lifecycle
  • Manage DAST, IAST, and SAST tools to identify and remediate application and code vulnerabilities
  • Automate security testing and compliance checks within DevOps workflows, including Docker image security scanning
  • Develop and enforce policy as code for Kubernetes environments to ensure consistent security and compliance Implement and manage infrastructure as code (IaC) solutions for cloud and on-premises environments
  • Collaborate with development, operations, and security teams to address vulnerabilities and improve overall security posture
  • Continuously evaluate and improve DevSecOps tools, processes, and standards

Requirements

  • Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field
  • 5+ years of experience with DevSecOps practices, integrating security into CI/CD pipelines and the software development lifecycle
  • 3+ years of hands-on experience deploying, managing, and securing Kubernetes clusters in production environments
  • Proven expertise with policy as code frameworks (e.g., OPA/Gatekeeper, Kyverno) for Kubernetes security and compliance
  • Demonstrated proficiency implementing and operating DAST, IAST, and SAST tools for application and code security
  • 5+ years of experience with Docker image security scanning and container vulnerability management
  • Strong background with infrastructure as code (IaC) tools such as Terraform, Helm, or Ansible
  • Expert-level experience with Linux Experience with cloud platforms (AWS, GCP, Azure) and their security best practices
  • Solid scripting and automation skills (e.g., Python, Bash, Go)
  • Experience creating executive-level security reports and KPIs
  • Excellent analytical, troubleshooting, and incident response abilities
  • Strong communication and collaboration skills, with a passion for mentoring and continuous improvement
  • Experience with eBPF and Cilium Tetragon is a plus
Benefits
  • We believe in providing with company ownership, competitive pay, and a range of meaningful benefits is the start of creating a culture where people want to give the best they’ve got — not because they’re simply making money, but because they’ve fallen in love with our vision, mission, values, and team.******During the interview process, your Recruiter will review our total rewards (base, equity, bonus, perks, benefit, culture) offerings. The final offer is determined by your proficiencies within this level.**
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
DevSecOpsCI/CD pipelinesKubernetespolicy as codeOPAGatekeeperKyvernoDASTIASTSAST
Soft Skills
mentoringanalytical skillstroubleshootingincident responsecommunicationcollaborationcontinuous improvement