FITS is seeking an intelligent and forward-thinking cloud security professional to join our expanding Commercial division. This exciting new role within the Assessment & Advisory team will help you define the future of cloud. With data becoming the new most valuable resource, companies are utilizing cloud platforms to leverage their data’s value in a governed way. DevSecOps is defined as the focus on a seamless integration between the three disciplines of development, security, and operations with as much transparency as possible. DevSecOps emphasizes collaborative processes and increased automation.
As a DevSecOps Engineer, you will drive the delivery of a world-class Azure cloud-native platform for our client, applying your expertise for all areas of cloud infrastructure. Your responsibilities will include partnering with engineering, product, and cloud operations to embed security by design, facilitating rapid adoption and automation of Azure cloud services.
Essential Duties & Responsibilities
- Work with GitHub Actions, Terraform, APIs, and CLI to make changes and fix issues in Azure environments as they arise
- Manage deployment pipeline from development to production
- Extend deployment pipeline manually and through automation
- Respond quickly to service requests
- Develop, continuously improve, and ensure compliance with controls built for the Azure cloud-native platform.
- Partner with engineering, product, and operations teams to cultivate a secure CI/CD mindset and develop practical automation solutions.
- Plan, organize, and manage multiple responsibilities from various stakeholders and sometimes competing requests to achieve desired objectives.
- Additional tasks include supporting the larger security team during security incidents and investigations; working with multiple teams across the organization to advance the overall security posture. After hours on-call support may occasionally be required.
- Enterprise-level experience with cloud infrastructure/cloud engineering across a wide range of disciplines, including Azure specifically
- Experience managing critical shared services, such as Active Directory, Group Policy, Azure AD, DNS, PKI, and Azure Networking Services.
- Working knowledge of leveraging CI/CD pipelines, SDLC, Agile software development, Scrum methodologies.
- Experience with configuration management and Infrastructure as Code tools like Terraform, Ansible, or similar tools.
- Extensive experience running a fleet of cloud VMs and containers
- Ability to work collaboratively in an organization with stakeholders distributed across various time zones.
- Experience with engineering and operations in compliance with regulatory requirements and/or frameworks (FedRAMP, HIPAA, NIST, ISO 27001/2, SOC2, etc.).
- An excellent collaborator, teammate and security leader with advanced presentation and communication skills.
- Accustomed to a fast paced environment and self-motivated with an ability to execute with little supervision.
- Able to iterate quickly and independently to deliver solutions to technical problems.
- Eager to learn new technologies and modern methodologies. Interested in broadening your skills into technologies you haven’t seen before.
- Familiar with security by design principles, and able to educate other technical engineers on how to build security into their processes in a scalable way.
- Agile-minded, optimistic, passionate, and pragmatic about delivering valuable software to customers.
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided