DevSecOps Engineer (# 365308)
$85,000 - $115,000/Yr
University of Minnesota
posted about 1 month ago
Full-time - Mid Level
Educational Services
About the position
The University of Minnesota's Minnesota Supercomputing Institute (MSI) is seeking a skilled DevSecOps Engineer to lead security analysis and implementation within a large, research-focused, Linux-based enterprise. This role involves developing security controls that align with operational requirements while collaborating with the operations team and the Research Computing's Security Assurance Team. The engineer will be responsible for implementing and verifying security controls using standard tools, ensuring a balance between security and usability in research environments.
Responsibilities
- Analyze security and policy requirements for infrastructure platforms, Linux systems, storage platforms, and network devices.
- Design, test, and implement security technologies and controls in collaboration with operations staff.
- Coordinate responses to security issues raised by monitoring operations and the RI Security Assurance Team.
- Ensure security controls meet research usability and security requirements.
- Identify and remediate system operational and performance issues related to security controls.
- Participate in operations project teams requiring security and policy expertise.
- Act as a security-related subject matter expert for escalated end-user issues.
- Prioritize, plan, and scope tasks and projects with minimal supervision.
- Manage tickets, tasks, and projects in MSI's tracking systems.
- Explore new technologies to solve unique problems and enhance MSI's capabilities.
- Provide support for escalated issues related to MSI resources.
- Track security vulnerabilities, devise mitigation strategies, and monitor implementation.
- Pursue professional development through training and workshops.
- Publish papers or presentations to share findings and advance Research Computing.
- Participate in a lightweight 24x7 on-call rotation.
Requirements
- BA/BS degree and at least 4 years of work experience in Linux Systems Administration and Security, or a Master's degree and at least 2 years of experience.
- Experience in Linux systems and infrastructure operations.
- Excellent oral and written communication and leadership skills.
- Ability to work independently with periodic guidance.
Nice-to-haves
- Experience in Linux HPC or research computing environments.
- Experience deploying SIEM tools in a Linux environment (e.g., Wazuh, CIS-CAT, Security Onion).
- Familiarity with systems configuration management environments (e.g., Puppet, Salt, Ansible).
- Experience implementing security and policy controls while balancing usability and performance.
- Experience with software integrity validation tools using SBOMs or similar technologies.
- Experience with implementation of HIPAA, HITRUST, FISMA, or NIST security policies.
Benefits
- Competitive wages, paid holidays, and generous time off.
- Continuous learning opportunities through professional training and degree-seeking programs.
- Low-cost medical, dental, and pharmacy plans.
- Healthcare and dependent care flexible spending accounts.
- University HSA contributions.
- Disability and employer-paid life insurance.
- Employee wellbeing program.
- Excellent retirement plans with employer contribution.
- Public Service Loan Forgiveness (PSLF) opportunity.
- Financial counseling services.
- Employee Assistance Program with eight sessions of counseling at no cost.
- Employee Transit Pass with free or reduced rates in the Twin Cities metro area.
