DevSecOps Engineer

About the position

The Verizon Cybersecurity organization securely enables the business by protecting assets and information across Verizon networks, infrastructure and applications. We integrate governance, policies, technologies and operations across Verizon, and work to incorporate security into the design of technology systems and services. The Data Protection Services team provides leadership for the design, engineering and implementation of data protection services and capabilities across the enterprise.

Responsibilities

• Advocating for, facilitating and creating DevOps culture and automate all the things with the correct DevOps tool.
• Providing infrastructure automation services within on-prem/Kubernetes (OCP) private and public clouds/OCP as well as team training and DevOps mentoring.
• Experience in DevOps tools - Jira, GIT, AccuRev, Jenkins, Ansible, Terraform, Docker, Kubernetes, nexus, sonarqube, HPfortify, selenium, BDD security, Load Testing and configuring end to deployment / delivery pipeline.
• Experience in HP Fortify, Tenable, Prisma, Black duck, Sysdig security tools and integration with the DevOps pipelines.
• ELT Tool (Talend) Install, configuration and Automation.
• Designing and implementing enterprise solutions using OpenShift, Red Hat OpenStack Platform, and other technologies.
• Creating automation solutions for application platforms using containers and container orchestration.
• Collaborating with DevOps teams to build and optimize CI/CD pipelines, automation frameworks, and infrastructure-as-code (IaC).
• Proficiency in writing shell and python scripts - Automation of business processes using bash shell, Perl, Bourne shell and Awk expect.
• Automated application security scans HPFortify and Black Duck in the DevSecOps Delivery pipeline.
• Designing, implementing, and managing a Docker environment for UI test automation by using Seleniod.
• Enabling NewRelic agents in application server/K8s pods, Configuring NewRelic dashboard and alters to monitor the application and system performances.
• Enabling EKS in Application/K8s pods to monitor the application logs and application activities.
• Twistlock/Sysdig - Enabled in K8s pipeline to make sure the Docker containers security.
• HpFortify(SAST), BlockDuck(OSS) and Sonarqube(SAST), ZAP(DAST) - Enabling full and Incremental scans in CICD pipelines.
• Managing infrastructure team and responsible for maintaining a high level of service availability.
• Managing operation communication and relationship management by acting as primary customer interface for cloud technology requests for assistance and information.
• Helping grow the team development talent within my team.
• Organizing day to day tracking of infra development activities, manage risks and dependencies, eliminate blockers and manage changes in the scope and schedule.

Requirements

• Bachelor's degree or four or more years of work experience.
• Four or more years of relevant experience required, demonstrated through work experience and/or military experience.
• Experience in Data Security and Corporate Security policies and regulations.
• Experience with Helm charts for Kubernetes deployments.
• Experience with infrastructure as code tools, specifically Terraform and CloudFormation.
• Linux and shell scripting experience.

Nice-to-haves

• Strong experience as a DevOps engineer with AWS services and best practices.
• Proficiency in containerization technologies, especially Docker and Kubernetes (EKS).
• Proficiency in scripting languages, preferably Python and Go.
• Experience with security scanning tools and practices, such as SonarQube for code analysis and tools like Prisma Cloud for infrastructure vulnerability assessments.
• Experience with CI/CD tools, particularly Jenkins and Argo CD.
• Understanding of DevSecOps principles and security best practices.
• Familiarity with GitOps principles and practices.
• Familiarity with SSO implementation and management.
• Experience with Rancher for Kubernetes management is a plus.
• Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams.
• Strong analytical and problem-solving abilities, with attention to detail.
• Ability to prioritize tasks and manage time effectively in a fast-paced environment.
• Knowledge of handling sensitive data and date protection technologies.
• Proficient in Jira and other agile tools.
• Knowledge of project management methodologies and tools.
• One or more industry certifications, including but not limited to: CKA- Certified Kubernetes Administrator, AWS Certified Solutions Architect - Associate, GCP Professional Cloud Architect, Certified Solaris 9 Systems Administrator, Cisco certified network associate (CCNA), ITIL.