About The Job
As a Senior DevSecOps Engineer on our Platform & Data team, you have the unique opportunity to help ensure security is built in from the beginning, not retrofitted. We’re building a brand new platform, and robust built-in security is one of its core feature sets. Your work will range from ensuring we have a fully secure CI/CD pipeline that builds and deploys secure and compliant applications to equipping our infrastructure with proper governance and embedded security controls that prevent security loopholes.
Reporting to the VP of Technology and Security, you’ll partner with cross-functional teams to establish a strategic path for building out our platform with a shift-left security approach, implementing security measures at every layer.
If you like working on automated security frameworks and building out a fully secure and compliant cloud infrastructure, we look forward to hearing from you!
What you'll do:
- Evaluate a myriad of deployment scenarios (cloud, hybrid-cloud), services, models and technology to ensure they are secure and compliant with various industry standards (HIPAA, PII, SOX)
- Develop and guide technology risk management in collaboration with teams across the company to enable responsive, secure and cost-effective solutions
- Be highly versatile and technical, working across heavy network engineering, application security and DevSecOps (Development, Security and Operations)
- Provide security best-practice guidance for securing a cloud-based service mesh environment
What you'll need:
- 4+ years of experience in cloud / software security
- 3+ years of software experience in Java/Go/Python or equivalent; ability to write and understand software, specifically writing security modules within a platform or working with third parties to evaluate source code for vulnerabilities
- 3+ years of experience securing AWS infrastructure
- 2+ years of experience with Kubernetes (from a security perspective), working with large, service-mesh-enabled K8s clusters, or network policies (NetPol) with Calico or similar
- Experience with security vulnerability assessments and tools (WAF, Inspector, GuardDuty, Threat Stack, other IDS/IPS tools, etc.)
- Experience building and maintaining CI/CD pipelines
What you'll bring to the table:
- Solid knowledge of SSO methodologies (SAML, AD, LDAP)
- Strong understanding of network and security concepts including TCP/IP protocol stack, HTTP, HTTP/2, PKI, SSL, TLS, DTLS, mutual TLS, OAuth, Authentication, Authorization
- Understanding of application security (mTLS, SPIFFE, general understanding of HIPAA/SOX/PII/GDPR compliance)
Who you are:
- Manages Complexity. You ask the right questions to accurately analyze situations and uncover root causes to difficult issues. Through acquiring data from multiple and diverse sources, you are able to make sense of complex, high-quantity, and sometimes contradictory information to solve problems.
- Drives Results. You persist in accomplishing objectives and exceeding goals despite obstacles and setbacks, while also helping others to achieve results.
- Collaborates. You work cooperatively with others across the organization to achieve shared objectives, partnering with others to get work done and crediting others for their contributions and accomplishments.
You will work out of one of the following locations:
- In-office: New York, NY
- Remote: Alabama, Arizona, Arkansas, California, Colorado, Connecticut, Delaware, Florida, Georgia, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, Missouri, Montana, Nebraska, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Texas, Utah, Vermont, Virginia, Washington, West Virginia, Wisconsin, Wyoming
Full-time base salary range of $170,000 - $210,000 plus a competitive equity & benefits package listed under the "Why work with us?" section.