DevSecOp Engineer

Key Responsibilities

• Security Integration: Integrate security practices into CI/CD pipelines and development processes to ensure secure code, infrastructure, and deployment.
• Automation: Develop and implement security automation for compliance, monitoring, and vulnerability management using tools like Terraform or Ansible.
• Vulnerability Management: Identify, assess, and remediate security vulnerabilities and risks across systems and applications.
• Monitoring and Response: Set up and manage security monitoring, logging, and incident response systems to detect and address potential security threats.
• Collaboration: Partner with development, operations, and IT teams to ensure security best practices are followed and provide expertise on security issues.
• Tool Development: Create and maintain security tools and scripts to enhance automation and security effectiveness.
• Documentation: Maintain comprehensive documentation for security practices, configurations, and compliance requirements.

Qualifications

Minimum Qualifications:

• Education: Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or a related field.
• Experience: 3+ years of experience in a DevSecOps role or related field, with a focus on integrating security into DevOps practices.
• Technical Skills: Proficiency in scripting languages such as Python, Bash, or PowerShell.
• Security Tools: Experience with security tools and technologies (e.g., vulnerability scanners, SIEM systems).
• CI/CD Integration: Hands-on experience with CI/CD tools (e.g., Jenkins, GitLab CI/CD) and integrating security measures into these pipelines.
• Cloud Platforms: Experience with cloud platforms (e.g., AWS, Azure) and their security features.
• Problem-Solving: Strong troubleshooting and problem-solving skills related to security and DevOps.
• Communication: Excellent verbal and written communication skills, with the ability to work collaboratively with cross-functional teams.

Preferred Qualifications:

• Education: Master’s degree in Computer Science, Cybersecurity, Engineering, or a related field.
• Experience: 5+ years of experience in DevSecOps roles, with a proven track record of managing security in complex environments.
• Advanced Skills: Expertise in security automation and cloud security, including container security (e.g., Docker, Kubernetes).
• Certifications: Relevant certifications (e.g., CISSP, AWS Certified Security – Specialty, Azure Security Engineer Associate).
• Compliance Experience: Familiarity with regulatory compliance frameworks (e.g., GDPR, HIPAA, NIST).
• Industry Experience: Experience in the aerospace or technology sectors is highly desirable.

• This position may include access to technology and/or software source code that is subject to U.S. export controls. To conform to U.S. Government export regulations, applicant must be a (i) U.S. citizen or national, (ii) U.S. lawful, permanent resident (aka green card holder), (iii) Refugee under 8 U.S.C. § 1157, or (iv) Asylee under 8 U.S.C. § 1158,  or be eligible to obtain the required authorizations from the U.S. Department of State. 

Benefits

• Health Insurance: Comprehensive medical, dental, and vision coverage.
• Retirement Plans: Access to a 401(k) plan.
• Paid Time Off: Generous vacation days, personal days, and holidays to ensure you have time to recharge.
• Professional Development: Opportunities for ongoing training, workshops, and courses to advance your skills and career growth.
• Team Building Activities: Regular social events, team outings, and company-sponsored activities to foster a positive work environment.
• Diverse and Inclusive Culture: A commitment to diversity and inclusion, with initiatives to support a welcoming and equitable work environment.