DevSecOps Engineer (on-site)

$84,000 - $142,000/Yr

Ericsson - Plano, TX

posted about 2 months ago

Full-time - Senior
Onsite - Plano, TX
Telecommunications

About the position

We are seeking a highly skilled and experienced Senior DevSecOps Engineer to join our dynamic team at Ericsson. In this role, you will be responsible for integrating security practices into DevOps processes to ensure the deployment of secure, high-quality IT infrastructure. You will work closely with global and local development teams, manufacturing operations teams, and security teams to implement and maintain security measures across our CI/CD pipelines, automate security testing, and monitor systems for vulnerabilities. Your collaboration with business stakeholders will be crucial to understand their requirements and act in accordance with agile methodology principles. As a Senior DevSecOps Engineer, you will integrate security practices into the DevOps lifecycle, from development to deployment and operations. You will design, implement, and manage secure CI/CD pipelines, ensuring automated security testing at every stage. Your responsibilities will also include developing and enforcing security policies and procedures for infrastructure as code (IaC) and configuration management. Regular security assessments, vulnerability scanning, and penetration testing will be part of your routine to identify and mitigate risks effectively. Collaboration is key in this role, as you will work with development and operations teams to ensure secure coding practices and secure deployment configurations. You will implement and maintain security monitoring and incident response systems to detect and respond to threats in real-time. Additionally, you will provide guidance and training to development and operations teams on security best practices and emerging threats. Staying up-to-date with the latest security trends, tools, and technologies will be essential, as you proactively implement improvements. You will also lead and mentor junior DevSecOps engineers, fostering a culture of security awareness and continuous learning. Your support will extend to deployment projects and collaboration with third-party vendors, analyzing requirements to understand how new features or functions can impact existing products, and driving innovation within the factory organization.

Responsibilities

  • Integrate security practices into the DevOps lifecycle, from development to deployment and operations.
  • Design, implement, and manage secure CI/CD pipelines, ensuring automated security testing at every stage.
  • Develop and enforce security policies and procedures for infrastructure as code (IaC) and configuration management.
  • Perform regular security assessments, vulnerability scanning, and penetration testing to identify and mitigate risks.
  • Collaborate with development and operations teams to ensure secure coding practices and secure deployment configurations.
  • Implement and maintain security monitoring and incident response systems to detect and respond to threats in real-time.
  • Provide guidance and training to development and operations teams on security best practices and emerging threats.
  • Stay up-to-date with the latest security trends, tools, and technologies, and proactively implement improvements.
  • Lead and mentor junior DevSecOps engineers, fostering a culture of security awareness and continuous learning.
  • Provide support to deployment projects and work with third party vendors.
  • Analyze requirements to understand how the introduction of new features/functions can impact the existing product.
  • Drive innovation within the factory organization.

Requirements

  • Bachelor's degree in Computer Science, Engineering, Information Technology, or a related field.
  • Minimum of 7 years experience in Software development, Systems Admin, IT Support, Site Reliability (or Build & Release) Engineering, or Network/Test/QA/DBA roles.
  • At least 3+ years in a DevOps or DevSecOps role.
  • Strong knowledge of security principles, practices, and technologies, including encryption, authentication, authorization, and network security.
  • Proficiency with CI/CD tools such as Jenkins, GitLab, or Azure DevOps, and experience integrating security tools into CI/CD pipelines.
  • Hands-on experience with security testing tools such as SAST, DAST, SCA, and penetration testing frameworks.
  • Expertise in cloud platforms (AWS and Azure) and securing cloud infrastructure.
  • Strong scripting and automation skills (Python, Bash, PowerShell, etc.).
  • Familiarity with containerization (Docker) and orchestration (Kubernetes) security practices.
  • Excellent problem-solving skills and the ability to work independently as well as part of a team.
  • Strong communication skills, with the ability to explain complex security concepts to non-technical stakeholders.
  • Relevant certifications such as Azure Security Engineer Associate, Azure DevOps Engineer Expert, Azure Solutions Architect Expert are highly desirable.

Nice-to-haves

  • Experience with infrastructure as code (IaC) tools such as Terraform or Ansible.
  • Knowledge of regulatory compliance requirements and frameworks (e.g., GDPR).
  • Background in software development with experience in secure coding practices.
  • Familiarity with microservices architecture and securing APIs.
  • Experience with log management and monitoring tools such as Checkmk, Nagios, ELK Stack, Splunk, or Prometheus.
  • Knowledge of Zero Trust Architecture and implementation.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service