DevSecOps Engineer

$87,000 - $178,200/Yr

Oracle - Boston, MA

posted 4 months ago

Full-time - Senior
Boston, MA
Publishing Industries

About the position

The Snr Security Engineer, CSS Security is a pivotal role within the Oracle Customer Success Services, specifically in the Security Architecture and Engineering team. This team is responsible for the security architecture, engineering, and automation of services provided by the CSS Organization. As a member of this elite team, you will be tasked with designing and implementing security solutions that enhance efficiency, performance, and reliability, with a strong emphasis on automation and continuous integration, continuous delivery, and continuous deployment (CI/CD). Your contributions will be crucial in managing security risks associated with the solutions and services offered by the Advanced Customer Services group. In this role, you will focus on both Information Security and DevOps/Site Reliability, collaborating across various departments to promote a DevSecOps approach within our cloud and on-premises environments. As a senior member of the team, you will work closely with peers and OCI counterparts to design, package, deploy, run, and maintain cloud-native solutions that leverage cutting-edge capabilities developed by the OCI team. Your responsibilities will also include driving improvements in configuration management, provisioning, software deployment, and ensuring security compliance. The DevSecOps practice you will be part of automates, monitors, and applies security measures throughout all phases of the Software Development Life Cycle (SDLC).

Responsibilities

  • Design and implement security automation to improve efficiency, performance, and reliability.
  • Promote improvements in configuration management, provisioning, software deployment, vulnerability identification, and security compliance.
  • Provide creative and innovative solutions that bridge the gap between requirements and OCI capabilities.
  • Manage and support security tool platforms.
  • Remediate vulnerabilities in accordance with risk assessments.
  • Investigate purported intrusions and breaches and oversee root cause analysis.
  • Research, evaluate, track, and manage information security threats and vulnerabilities, requiring in-depth analysis and scripting skills.
  • Contribute to the drive towards DevOps methodology with development and maintenance of CI/CD pipelines, automation, and API integrations.

Requirements

  • Established IT experience in a security-related role supporting complex architecture.
  • Broad technical background in infrastructure and Cloud applications with the ability to interpret technical specifications and architect solutions.
  • Proven experience engineering Cloud solutions in an Infosec, Developer, Site Reliability, or related DevOps role.
  • Experience implementing DevOps technologies and principles, especially CI/CD (e.g., Chef, Artifactory, Ansible).
  • Familiarity with scripting and programming languages such as Ruby, Python, Terraform, and shell scripting.
  • Strong knowledge of *nix and Windows system administration, cloud architecture and security principles, and Risk management frameworks.
  • Experience with commercial security products and closing the gaps through development, automation, API integrations, and researching and closing vulnerabilities via patching.
  • US Citizenship and ability to work in a US Federal environment.
  • Willingness to undergo background check and obtain any agency-required security clearance.
  • BS or MS degree in Computer Science, Computer Engineering, Information Systems, or equivalent experience with 8+ years of related experience.
  • Experience with IT security across multiple hardware platforms, operating systems, and applications.
  • Experience with EDR (Endpoint Detection & Response), Antimalware, Vulnerability Management, and Micro-Segmentation tools.
  • Knowledge of networking concepts and protocols.
  • Experience with other cloud provider offerings/capabilities is a plus.
  • Knowledge of database security principles and encryption technologies and architectures.
  • Experience with myriad DevOps tools such as Chef, Ansible, and Puppet.
  • Experience with Kubernetes, Kafka, Microservices, Machine Learning, or Artificial Intelligence.
  • Exposure to security standards such as FedRAMP, NIST 800-53, or PCI DSS and security controls like ISO 27001, SOC 2, and HITRUST as applied to cloud SaaS, PaaS, and IaaS operations.
  • Security certifications such as CISSP, Security+, CCSP, GCIH, CISA, or CISM.
  • Excellent written and verbal communication skills.
  • Ability to adjust and adapt to changing priorities in a dynamic environment.

Nice-to-haves

  • Experience with other cloud provider offerings/capabilities is a plus.
  • Knowledge of database security principles.
  • Knowledge of encryption technologies and architectures.

Benefits

  • Medical, dental, and vision insurance, including expert medical opinion.
  • Short term disability and long term disability.
  • Life insurance and AD&D.
  • Supplemental life insurance (Employee/Spouse/Child).
  • Health care and dependent care Flexible Spending Accounts.
  • Pre-tax commuter and parking benefits.
  • 401(k) Savings and Investment Plan with company match.
  • Flexible Vacation provided to all eligible employees assigned to a salaried position.
  • Accrued Vacation for other employees eligible for vacation benefits.
  • 11 paid holidays.
  • Paid sick leave: 72 hours upon date of hire, refreshing each calendar year.
  • Paid parental leave.
  • Adoption assistance.
  • Employee Stock Purchase Plan.
  • Financial planning and group legal services.
  • Voluntary benefits including auto, homeowner, and pet insurance.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service