Senior DevSecOps Engineer

Key Responsibilities

• Security Integration: Integrate security practices into the CI/CD pipeline and development lifecycle to ensure secure code, infrastructure, and operations.
• Automation: Develop and implement automation for security controls, monitoring, and compliance using tools like Terraform or Ansible.
• Vulnerability Management: Identify, assess, and mitigate security vulnerabilities and risks across systems and applications.
• Monitoring and Response: Implement and manage security monitoring, logging, and incident response processes to detect and address potential threats.
• Collaboration: Work with development, operations, and IT teams to ensure security best practices are followed and provide guidance on security-related issues.
• Compliance: Ensure that security practices comply with industry standards and regulatory requirements. Maintain documentation and evidence for audits.
• Tool Development: Develop and maintain security tools and scripts to enhance security automation and efficiency.

Qualifications

Minimum Qualifications:

• Education: Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or a related field.
• Experience: 5+ years of experience in DevSecOps or a similar role, with a focus on integrating security into DevOps processes.
• Technical Skills: Proficiency in scripting languages such as Python, Bash, or PowerShell.
• Security Tools: Experience with security tools and technologies (e.g., vulnerability scanners, SIEM systems).
• CI/CD Integration: Experience with CI/CD tools (e.g., Jenkins, GitLab CI/CD) and integrating security into these pipelines.
• Cloud Platforms: Hands-on experience with cloud platforms (e.g., AWS, Azure) and their security features.
• Problem-Solving: Strong troubleshooting and problem-solving skills related to security and DevOps.
• Communication: Excellent communication and collaboration skills.

Preferred Qualifications:

• Education: Master’s degree in Computer Science, Cybersecurity, Engineering, or a related field.
• Experience: 7+ years of experience in DevSecOps roles, with a proven track record of managing security in complex environments.
• Advanced Skills: Expertise in security automation, including container security (e.g., Docker, Kubernetes) and cloud security.
• Certifications: Relevant certifications (e.g., CISSP, AWS Certified Security – Specialty, Azure Security Engineer Associate).
• Compliance Experience: Experience with regulatory compliance frameworks (e.g., GDPR, HIPAA, NIST).
• Industry Experience: Experience in aerospace or technology sectors is highly desirable.

• This position may include access to technology and/or software source code that is subject to U.S. export controls. To conform to U.S. Government export regulations, applicant must be a (i) U.S. citizen or national, (ii) U.S. lawful, permanent resident (aka green card holder), (iii) Refugee under 8 U.S.C. § 1157, or (iv) Asylee under 8 U.S.C. § 1158,  or be eligible to obtain the required authorizations from the U.S. Department of State. 

Benefits

• Health Insurance: Comprehensive medical, dental, and vision coverage.
• Retirement Plans: Access to a 401(k) plan.
• Paid Time Off: Generous vacation days, personal days, and holidays to ensure you have time to recharge.
• Professional Development: Opportunities for ongoing training, workshops, and courses to advance your skills and career growth.
• Team Building Activities: Regular social events, team outings, and company-sponsored activities to foster a positive work environment.
• Diverse and Inclusive Culture: A commitment to diversity and inclusion, with initiatives to support a welcoming and equitable work environment.