DevSecOps Engineer

$97,000 - $154,000/Yr

Smbc - White Plains, NY

posted 4 months ago

Full-time - Entry Level
Remote - White Plains, NY
10,001+ employees

About the position

The DevSecOps Engineer Associate role at SMBC Group is a critical position within the Cyber Security and Information Risk department, focusing on safeguarding Capital Market's information systems. This role involves administering security projects and requires active participation in technical research and development for both on-premises and cloud solutions. The engineer will act as a liaison between Development, Operations, and Cybersecurity Risk teams, utilizing programming knowledge, threat management, and communication skills to integrate cybersecurity practices throughout the Software Development Life Cycle (SDLC). Reporting directly to the Head of Cyber Security of Capital Markets, with additional reporting lines to the regional Chief Information Security Officer (CISO) of the Americas Division and the Capital Markets' Chief Operating Officer (COO), this position is pivotal in ensuring that security measures are effectively implemented and maintained. The DevSecOps Engineer will be responsible for configuring, deploying, and maintaining Information Security systems and cloud services in alignment with SMBC's policies and standards. Collaboration with the DevOps team is essential to ensure that the Continuous Integration/Continuous Deployment (CI/CD) pipeline incorporates security measures from the outset. The role also involves ongoing technical research and development to foster innovation in Cyber Security and Information Risk management. Key objectives of this role include hands-on engineering and architecting of cybersecurity solutions using industry best practices to mitigate threats, partnering with Site Reliability Engineering (SRE) and DevOps teams to automate security controls within CI/CD pipelines, and tracking the remediation of vulnerabilities in code, containers, and infrastructure as code. The engineer will also implement automation for security compliance testing within the development lifecycle, develop and report Key Risk Indicators (KRIs) within the Secure SDLC processes, and present updates to management regarding project accomplishments, challenges, and risks.

Responsibilities

  • Administer security projects to safeguard Capital Market's information systems.
  • Participate in technical research and development for on-prem and cloud solutions.
  • Act as a liaison between Development, Operations, and Cybersecurity Risk teams.
  • Automate and integrate cybersecurity practices throughout the SDLC lifecycle.
  • Ensure Information Security systems and cloud services are configured and maintained according to policies and standards.
  • Collaborate with the DevOps team to configure critical components of the CI/CD pipeline with security measures.
  • Scan and track remediation of vulnerabilities in code, containers, and infrastructure as code.
  • Implement automation for security compliance testing in the development lifecycle.
  • Develop and report Key Risk Indicators (KRIs) within the SSDLC processes.
  • Create and present updates to management regarding project accomplishments, challenges, and risks.

Requirements

  • 4+ years of hands-on security engineer and operations experience securing cloud environments and developing automation workflows.
  • Practical experience in implementing security checks within a Secure SDLC Pipeline.
  • Hands-on experience with CI/CD tools such as Jenkins, Git, Github Actions, Artifactory, etc.
  • Hands-on experience with Secrets Management, SCA, and open-source tools.
  • Scripting experience with one or more scripting languages: bash, python, perl, YAML - required.
  • Hands-on experience with infrastructure as code tools such as Terraform or CloudFormation - required.
  • Familiarity with container orchestration technologies such as Kubernetes, Openshift, EKS, AKS.
  • Experience with container image scanning and vulnerability management.
  • AWS or Azure Certifications.

Benefits

  • Competitive salary range between $97,000.00 and $154,000.00 based on qualifications and experience.
  • Eligibility for an annual discretionary incentive award.
  • Comprehensive benefits portfolio offered to employees.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service