Vings Technologies - Dallas, TX
posted 3 months ago
About the position
We are seeking a highly motivated and security-conscious DevSecOps Engineer to join our team. This role is critical to our security and compliance efforts, ensuring the integrity and confidentiality of our systems and data. The ideal candidate will have hands-on experience with Istio, Envoy, Kubernetes, and Terraform, along with a background in security penetration testing or automated API testing. You will drive our security initiatives in a cloud-native environment, focusing on designing and implementing secure architectures, hardening containerized workloads, and integrating security practices into our CI/CD pipeline. In this position, you will be responsible for designing and implementing secure cloud-native architectures, particularly with a focus on Istio service mesh and Kubernetes container orchestration. You will leverage Terraform for infrastructure as code (IaC) deployments, ensuring that security is integrated from the start. Additionally, you will implement security controls and monitoring solutions to detect and respond to potential threats, collaborating closely with security and compliance teams to ensure adherence to industry standards and regulations. Your role will also involve conducting regular security audits and penetration testing to identify vulnerabilities and recommend remediation strategies. You will develop and maintain documentation for security policies, procedures, and incident response plans, while promoting a culture of security awareness and collaboration within the development and operations teams. Furthermore, you will participate in incident response activities, analyzing security incidents to identify root causes and prevent future occurrences.
Responsibilities
- Design and implement secure cloud-native architectures with a focus on Istio service mesh and Kubernetes container orchestration.
- Harden and secure containerized workloads and microservices using best practices.
- Leverage Terraform for infrastructure as code (IaC) deployments, ensuring security is integrated from the start.
- Implement security controls and monitoring solutions to detect and respond to potential threats.
- Collaborate with security and compliance teams to ensure adherence to industry standards and regulations.
- Conduct regular security audits and penetration testing to identify vulnerabilities and recommend remediation strategies.
- Develop and maintain documentation for security policies, procedures, and incident response plans.
- Integrate security practices and tools into the CI/CD pipeline to automate security testing and vulnerability scanning.
- Implement and maintain security tools for code analysis, dependency management, and vulnerability tracking.
- Promote a culture of security awareness and collaboration within the development and operations teams.
- Participate in incident response activities, including investigation, containment, and recovery.
- Analyze security incidents and identify root causes to prevent future occurrences.
Requirements
- Strong practical experience with Istio service mesh, Envoy proxy, Kubernetes, and Terraform.
- Proficiency in security penetration testing methodologies or automated API testing tools.
- Familiarity with cloud security best practices and cloud-native technologies.
- Understanding of security principles, vulnerabilities, and mitigation techniques.
- Knowledge of industry security standards and compliance regulations.
- Experience in conducting security audits and vulnerability assessments.
- A strong desire to stay abreast of the latest security trends and technologies.
- Ability to effectively communicate complex security concepts to technical and non-technical stakeholders.
- Excellent teamwork and collaboration skills, working effectively with cross-functional teams.
Nice-to-haves
- Experience with cloud platforms such as AWS, Azure, or Google Cloud Platform.
- Programming/scripting skills (Python, Java, Bash, etc.).
- Certifications in security and cloud technologies (CISSP, CCSP, etc.).
