DevSecOps Engineer

$110,000 - $144,000/Yr

Avathon Capital - Austin, TX

posted 14 days ago

Full-time - Mid Level
Austin, TX

About the position

The DevSecOps Engineer at Avathon, Inc. is responsible for enhancing the security of software development processes. This role involves collaborating with various teams to ensure secure design, development, and monitoring of web applications and APIs, while integrating security tools into software build pipelines. The engineer will lead threat modeling exercises, conduct code reviews, and manage vulnerabilities, all while educating teams on secure development practices.

Responsibilities

  • Work closely with engineers, data scientists, product owners, and security team members to ensure secure design and development of web applications and APIs.
  • Collaborate with engineering teams to integrate security tooling into software build pipelines.
  • Analyze, prioritize, and provide remediation guidance for security scan results in collaboration with engineering teams.
  • Lead teams through threat modeling exercises to identify potential security risks.
  • Participate in code reviews to ensure security best practices are implemented.
  • Conduct technical Root Cause Analysis on vulnerabilities and identify areas for further research or testing.
  • Educate engineers and managers on secure development best practices and the Secure Software Development Lifecycle (SSDLC).
  • Assist cross-functional teams in embedding logging, monitoring, and auditing in applications.
  • Manage vulnerabilities for Avathon software and work with engineering teams to prioritize and mitigate them.

Requirements

  • 3+ years of experience as an Application Security Engineer or DevSecOps Engineer.
  • Experience working with development teams to build secure software, including threat modeling and security education.
  • Strong understanding of the OWASP Top 10.
  • Experience writing shell scripts and working with CI/CD tools like Jenkins, Github Actions, or CircleCI.
  • Proficiency in reading, writing, and auditing Python, Javascript, or C#, with the ability to learn new languages.
  • Knowledge of web service technologies and RESTful APIs.
  • Excellent written and verbal communication skills, with strong interpersonal and collaborative skills.
  • Strong problem-solving skills and a proactive approach to tasks.
  • Understanding of encryption technologies (SSH, SSL, TLS) and common authentication protocols (OAuth2, OIDC, RBAC, ABAC).
  • Strong understanding of microservices-based architectures.

Nice-to-haves

  • Experience with SAST, DAST, SCA tools.
  • Experience with penetration testing.
  • Experience with container security.
  • Experience as a software developer.
  • Experience with Kubernetes.

Benefits

  • Competitive salary range of $110,000 - $144,000 based on experience and location.
  • Equal employment opportunities and commitment to diversity, equality, and inclusion.
  • Reasonable accommodations throughout the recruiting process.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service