DevSecOps Engineer

Iseatz - Philadelphia, PA

posted 20 days ago

Full-time - Mid Level
Remote - Philadelphia, PA
Administrative and Support Services

About the position

The DevSecOps Engineer at iSeatz plays a crucial role in integrating security into the software development lifecycle, ensuring secure code releases, and automating security protocols. This position collaborates with various IT staff to enhance the security of deployment processes while maintaining a focus on rapid and safe delivery of code.

Responsibilities

  • Integrate security into CI/CD pipelines to ensure secure deployment practices and minimize vulnerabilities.
  • Conduct security code reviews to catch bugs and flaws before the deployment phase.
  • Manage security measures for containerized services using Docker, Kubernetes, and similar technologies.
  • Develop and maintain documentation related to DevSecOps processes and tools.
  • Implement security patching as part of the deployment process.
  • Monitor security tools in the deployment pipeline and adjust as necessary to improve automation and effectiveness.
  • Collaborate to enforce standards and to identify and mitigate security risks.
  • Stay current with new technologies and cloud trends, applying them to drive continuous improvement across the organization.
  • Assist software development in writing code to remediate vulnerabilities.

Requirements

  • Proven experience in DevSecOps and software development with a strong focus on security.
  • Strong development background and familiarity with secure software development lifecycle (SDLC) methodologies.
  • Knowledge of scripting languages such as Python.
  • Experience with tools like GitHub Actions, and familiarity with AWS Cloud platform.
  • Proficient in implementing and managing CI/CD pipelines.
  • Understanding of containerization and orchestration technologies, including Docker and Kubernetes.
  • Excellent problem-solving skills and the ability to think analytically.
  • Strong organizational and time management skills, with the ability to prioritize tasks and meet deadlines.

Nice-to-haves

  • Experience with infrastructure as code (IaC) using Terraform, Ansible, AWS CDK, or similar.
  • Knowledge of Threat Modeling and risk assessment techniques.
  • Experience with compliance regulations such as PCI-DSS, SOC2, NIST, etc as they relate to software development and deployment.
  • Strong experience with the Ruby and Rust programming languages.
  • Strong understanding of encryption, authentication, and access control mechanisms.

Benefits

  • Remote-first work environment
  • Opportunities for professional growth and development
  • Supportive and autonomous work culture
  • Diversity and inclusion initiatives
  • Employee engagement programs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service