DevSecOps Engineer

The Ideal Candidate

The Role

Responsibilities

• Develop, document, and implement CI/CD strategy for management of Infrastructure as Code (IaC) and Policy as Code baseline.
• Develop and document shared infrastructure component management strategy to provide consistent standardized container, OS, and application baselines for infrastructure components available through self-service.
• Identify requirements, develop, document, and implement branching strategy to support change management requirements while automating as much of the deployment process as practical in the (IaC) CI/CD pipeline.ie. Selenium, Prometheus, or OpenSearch or various DevSecOps functioning to include system debugging.
• Review, debug, and resolve technical issues throughout all stages of SDLC.
• Assist with process development and process improvement for Security Operations to include creation/modification of SOPs, playbooks, and work instructions.
• Measure effectiveness of process improvement and automation efforts via metrics and KPIs.
• Perform integration activities to connect with third-party software APIs.
• Design, implement, and maintain efficient and reusable Python and Terraform code.
• Work with stakeholders to develop requirements and deliverables.
• Communicate with project managers on a frequent basis. Identify tasks and issues that may have an impact on service levels or schedules. Provide realistic task and cost estimates.
• Maintain a current and working knowledge of IT development methodology, architecture design, and technical standards.
• Partner with other company teams, particularly our Engineering, TSE and Client Experience teams, in provisioning cloud infrastructure environments for development, POC, demos, and our production SaaS service.
• Security event monitoring of runtime environments, e.g. API Threat Prevention, Container Runtime Security, Cloud, etc.
• Knowledge of cloud-based security issues and related activities relating to threat detection, monitoring, and response.
• Evaluate the impacts of change requests on own/shared technologies and effectively persuade and influence others on ideas.
• Review and approve documentation and diagrams created by team members (e.g., system specifications). Write documentation, including technical standards and processes.

Skills and Experience

• 3+ years of experience leading cloud services design and deployments in technology such as SaaS, IaaS, and PaaS.
• 3+ years of experience in building and deploying cloud native solutions such as AWS, Azure, or Google Cloud Platform.
• Deep knowledge of DevSecOps tools and methodologies.
• Ability to influence and build relationships with LOB stakeholders, technology CIO leadership, external service providers, infrastructure, and enterprise architecture teams.
• Deep technical expertise in one or more of these areas: Storage, Compute, Databases, AIML.
• Professional Cloud Certification(s) from AWS, DSOE.
• Experience working with cloud security management or governance tools.
• Ability to manage initiatives related to cloud transformation, migration, modernization, and implementation.
• Excellent verbal, written, and interpersonal communication skills. Ability to articulate technical solutions to both technical and business audiences.
• Ability to deliver and engage with partners effectively in a multi-cultural environment by demonstrating co-ownership and accountability in a matrix structure.
• Ability to influence, partner, and negotiate with senior business leaders to drive strategic outcomes.
• Delivery focus and willingness to work in a fast-paced, enterprise environment. 

Personality Attributes

• Excellent problem-solving skills and the ability to troubleshoot complex issues.
• Strong communication and collaboration skills, with the ability to work effectively in a cross-functional team environment.
• Flexible, team player, goal-driven.
• Willing to take ownership of and proactively seek to improve on existing systems.
• Adaptability and self-motivation to excel in a mobile/remote-first team and company, demonstrating the capability to thrive in a distributed work environment while maintaining high productivity and communication standards.