Net Orbit - Lawrenceville, GA

posted 16 days ago

Full-time
Lawrenceville, GA
Professional, Scientific, and Technical Services

About the position

The DevSecOps Engineer role focuses on integrating security practices within the DevOps process, ensuring that security is a fundamental aspect of application development and deployment. This position involves conducting security reviews, implementing secure development practices, and leading the adoption of automated security tools within CI/CD pipelines. The engineer will collaborate with product and engineering teams to address security risks and enhance the overall security posture of the organization.

Responsibilities

  • Assist with comprehensive security reviews of application architecture, design, and code across various products and platforms for cloud-based architecture.
  • Drive the implementation of secure development practices, including threat modeling, security design reviews, and code analysis.
  • Lead the adoption and integration of automated security tools (SAST, DAST, IAST) within CI/CD pipelines to enhance continuous security testing.
  • Collaborate with product and engineering teams to identify and address security risks, build security into new products, and remediate vulnerabilities.
  • Serve as a point of contact for application security incidents, leading root cause analysis, mitigation, and preventive measures.
  • Stay ahead of the latest cloud-native, DevOps, GitOps, and security trends, attack techniques, and tools, and apply that knowledge to improve our security posture.
  • Provide strategic input into product and engineering roadmaps, ensuring security considerations are embedded in planning and execution.
  • Develop and deliver DevSecOps training programs to elevate the DevOps and security maturity of the entire development organization.
  • Create runbooks, documents, policies and procedures for managing security solutions and risk areas.
  • Create key performance indicators that track the progress and effectiveness of the DevOps and security program.

Requirements

  • Bachelor's or Master's degree in Computer Science, Information Security, or a related field (or equivalent experience).
  • 5+ years of experience in application security or software development.
  • Strong experience with containers (Docker+Kubernetes).
  • Experience with Azure, AWS, or Google Cloud Platform.
  • Knowledge of secure coding practices, OWASP Top 10, SANS Top 25, and common web application vulnerabilities.
  • Proven experience leading security initiatives, including threat modeling, security architecture reviews, and remediation strategies.
  • Deep understanding of automated security testing tools (e.g., SAST, DAST, IAST) and integrating them into DevSecOps pipelines.
  • Strong coding skills in one or more programming languages such as .NET, C#, Java, Python, or JavaScript, with experience identifying and remediating security vulnerabilities.
  • Extensive experience securing cloud environments (AWS, Azure, Google Cloud Platform) and familiarity with container security.

Nice-to-haves

  • Certified Kubernetes Administrator or Application Developer (CKA or CKAD from CNCF).
  • Proficiency in developing and executing security programs that scale across large, distributed environments.
  • Contributions to the security community.