DevSecOps Engineer (US)

$87,000 - $151,000/Yr

TD Bank - Laurel, FL

posted about 1 month ago

Full-time - Mid Level
Remote - Laurel, FL
10,001+ employees
Credit Intermediation and Related Activities

About the position

The DevSecOps Engineer is an Engineering II role at TD Bank, focused on supporting, securing, managing, and deploying solutions that enhance the bank's software delivery initiatives. This position is highly technical and requires a solid understanding of information security, cloud infrastructure, software, and various reference architectures. The engineer must also comprehend the business goals, product strategy, and operational requirements of clients within a highly secured and governed environment. The role supports continuous integration and continuous deployment (CI/CD) initiatives and involves collaboration with software developers, product engineers, cybersecurity engineers, and systems administrators. As a key member of the team, the DevSecOps Engineer acts as a liaison with business stakeholders to understand strategic objectives and execution outlooks. The position is heavily security-focused, integrating security and privacy by design principles throughout the software lifecycle. Engineers in this role are expected to have a strong work ethic, perform analytical and critical thinking, and adeptly manage change requests. They must work well with business units and possess superior listening and communication skills alongside their technical expertise. DevSecOps Engineers embody security-first principles, continuously assess the threat landscape, and adapt quickly to manage enterprise risk, integration, configuration, and deployment requirements. They build relationships with developers and stakeholders to incorporate security principles into engineering design and deployments, implement and validate application security controls, and recommend services and tools to facilitate the use of security components. The role also involves simplifying automation processes that integrate security within CI/CD pipelines and supporting the early incorporation of security throughout the development lifecycle. Additionally, the engineer will assist in prioritizing vulnerabilities identified in code, promote quick remediation, and enrich DevOps architecture with security standards and best practices. They will partner with teams to define key performance indicators (KPIs) and key risk indicators (KRIs) while distributing useful program metrics across business units. Other duties may be assigned as necessary.

Responsibilities

  • Support, secure, manage, and deploy solutions for TD Bank's software delivery initiatives.
  • Collaborate with software developers, product engineers, cybersecurity engineers, and systems administrators in CI/CD initiatives.
  • Act as a liaison with business stakeholders to understand strategy and execution outlook.
  • Implement, test, and validate application security controls across projects through automation workflows in CI/CD.
  • Implement defensive configurations and countermeasures across cloud infrastructure and applications.
  • Recommend services and tools to enable developers to use security components effectively.
  • Simplify automation that applies security inter-workings with CI/CD pipelines.
  • Support the incorporation of security early in the development lifecycle, including threat modeling and developer IDE security features.
  • Assist in prioritizing vulnerabilities identified in code and promote quick remediation.
  • Research and learn new tactics, techniques, and procedures to assess risk and implement controls through the CI/CD pipeline.
  • Enrich DevOps architecture with security standards and best practices, promoting baseline configuration and reducing drift.
  • Partner with teams to define KPIs and KRIs, distributing useful program metrics across business units.

Requirements

  • Bachelor's or Graduate degree in a relevant field (e.g., computer science, engineering).
  • 7+ years of relevant experience in DevSecOps or related fields.
  • Expert knowledge of engineering frameworks, technology, tools, processes, and procedures.
  • Strong understanding of information security, cloud infrastructure, and software development lifecycles.
  • Ability to work collaboratively with development and infrastructure teams in agile workflows.

Nice-to-haves

  • Experience with containerized compute (e.g., Docker) and container orchestration (e.g., Kubernetes).
  • Familiarity with Nexus IQ, GitHub Advanced Security, SonarQube, Terraform, Jenkins, and Ansible.
  • Experience with operations and security across AWS, Microsoft Azure, and Google Cloud Platform.
  • Scripting capabilities in Python, Bash, and PowerShell.
  • Knowledge of Supply-chain Levels for Software Artifacts (SLSA), PCI, NIST, or CIS control requirements.

Benefits

  • Base salary and variable compensation/incentive awards.
  • Health and well-being benefits.
  • Savings and retirement programs.
  • Paid time off including Vacation PTO, Flex PTO, and Holiday PTO.
  • Banking benefits and discounts.
  • Career development opportunities and mentoring programs.
Job Description Matching

Match and compare your resume to any job description

Start Matching

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service