DevSecOps Specialist (REMOTE)

$91,600 - $114,000/Yr

EnerSys - Reading, PA

posted about 1 month ago

Full-time - Mid Level
Remote - Reading, PA
5,001-10,000 employees
Electrical Equipment, Appliance, and Component Manufacturing

About the position

The DevSecOps Specialist at EnerSys is responsible for integrating security practices into the DevOps processes, ensuring that security is prioritized throughout the software development lifecycle. This role requires collaboration with development, operations, and security teams to foster a security-first mindset and protect applications, infrastructure, and products.

Responsibilities

  • Implement the organization's security strategy within the DevOps pipeline, ensuring alignment with overall business objectives.
  • Act as a liaison between the Information Security team and DevOps teams, ensuring that security considerations are embedded into every stage of the software development and deployment process.
  • Assist in the development and execution of incident response plans, focusing on quick detection, mitigation, and resolution of security incidents.
  • Ensure that all DevSecOps practices meet regulatory and compliance requirements (e.g., GDPR, HIPAA, PCI-DSS).
  • Develop and deliver cybersecurity training programs for DevOps teams to promote awareness and adherence to best practices.
  • Evaluate, deploy, and manage security tools and technologies that integrate with the DevOps pipeline, such as SAST, DAST, and container security tools.
  • Keep up to date on emerging threats, incorporating threat intelligence into security practices and providing proactive defenses.
  • Stay up to date on regulatory developments and industry trends.
  • Perform other duties as assigned.

Requirements

  • A degree in a technical field (Computer Science, Information Systems, or Cybersecurity) is preferred but not required.
  • Proven experience in securing DevOps environments, integrating security practices into DevOps pipelines and automating security processes required.
  • Strong experience with cloud platforms (e.g., AWS, Azure, GCP) and securing cloud-native applications.
  • Strong understanding of cybersecurity principles, risk management frameworks, and compliance standards (e.g., SOX, NIST CSF, ISO 27001, SOC-2, HIPAA, GDPR).
  • Experience with threat modeling, penetration testing, and secure software development practices.
  • Excellent communication and interpersonal skills: Oral, written and listening.
  • Strong analytical and problem-solving abilities.
  • Ability to work independently and collaboratively in a cross-functional environment.
  • Relevant IT certification (e.g., CDP, CISSP, CEH) other relevant certifications is preferred.

Nice-to-haves

  • Experience with threat modeling and penetration testing.
  • Relevant IT certifications such as CDP, CISSP, or CEH.

Benefits

  • Paid time off plus paid holidays
  • Medical/dental/vision insurance plan
  • Life insurance, short/long term disability
  • Tuition reimbursement
  • Flex spending
  • Employee stock purchase plan
  • 401K plan

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service