Job Details

DevOps Engineer

Job ID 1122

  • Alpharetta, GA, 30004
  • Fulltime
  • 6 - 15 years experience
  • 104244 - 169320 Annual
  • 02/12/2019
  • IT-Software, Software Services
  • 1 of Openings
Apply Now

Job description

  • We are looking for an experienced Developer to join our SecDevOps team.
  • Must have a passion for securing applications and pipelines, knowledge of application security risks, and a willingness to share that knowledge with development teams.
  • The SecDevOps engineer will implement cutting edge security technologies inside SecDevOps pipeline processes.
  • Experience in Full Stack development in an AWS environment, and a good understanding of Front- and Back-end system security, along with pipeline and Application Security is vital.

Responsibilities

  • What Part Will You Play?

    • Working with Infosec teams and Product Owners to achieve alignment between information security and business change objectives
    • Architect, design and provide implementation patterns of security controls throughout solution delivery lifecycle.
    • Design and develop generic security patterns and guidelines to enable applications stay compliant - integrate them Application and DevOps processes and CI/CD pipelines from early stages of the lifecycle
    • Evaluate and onboard security tools such as RASP, WAF, SAST, vulnerability and open source scanning into the SecDevOps life cycle for multiple tech stacks
    • Drive continuous improvement to both the SecDevOps pipelines and processes, and to the Information Security tools, services, and processes

    Required Skills:

    • Experience working in an agile, DevOps/SecDevOps environment
    • S or M.S in Computer Science or other related engineering fields
    • 3+ years of experience working in a Software Engineering role with a solid foundation in programming, algorithms, and software application design
    • 2+ years of experience working in a Security role handling on premise and cloud infrastructures
    • 3+ years of experience with security testing at scale by building and implementing static and dynamic analysis tools, integrating security into CI/CD workflows for everyday deployments
    • Experience with Kubernetes, AWS, SaltStack, Docker, and Kafka.
    • Experience converting feedback from security analysis tools (Threat Stack, Amazon Inspector, etc.) into infrastructure improvements

    Preferred Qualifications

    • Hands-on experience with tools and technologies used throughout secure SDLC such as AppScan, Fortify, Veracode, WhiteSource etc.
    • Knowledge of common software and web application security vulnerabilities crypto primitives, authentication protocols and authorization standards such as SSL/TLS, OAuth, JWT tokens etc.
    • Knowledge of cryptographic principles and practice, security attack vectors and application security vulnerabilities such as SQL Injection, Cross Site Scripting, CSRF etc.

     

Apply Now