Garmin International - Olathe, KS
posted about 2 months ago
We are seeking a full-time DevSecOps Cyber Engineer 2 in our Olathe, KS location. In this role, you will be responsible for ensuring adherence to Garmin's information security strategy, programs, and best practices. You will need to understand automated security capabilities leveraging best-of-breed tools and processes to inject security into the operational cyber security pipeline. This position requires a comprehensive understanding of the DevOps life cycle, including inception, design, build, test, release, support, and maintenance phases, from a cyber security perspective. As a DevSecOps Cyber Engineer, you will serve as an experienced security expert, displaying extensive proficiency and technical knowledge of cybersecurity pertaining to threats, vulnerabilities, intrusion techniques, and defensive methodologies. You will perform DevOps automation using tools such as Chef, Puppet, Ansible, GitHub, and Bitbucket, and integrate multiple cyber security tools with a focus on API Security, Container Security, and AWS Cloud Security. Your role will also involve developing code that meets Amazon AWS Policy, Configuration, and Security Management tools, as well as writing reusable, testable, and efficient code that aligns with Information Security frameworks and standards such as CIS, NIST, and RFC2196. You will participate in performance tuning, improvement, balancing, usability, and automation, and perform basic System Engineer tasks on Linux distributed systems. Log analysis via Kibana will be part of your responsibilities, along with collaborating in security areas of Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, and Security Monitoring tools. You will be responsible for configuring, implementing, and leveraging computer security and networking diagnostic/monitoring tools, and interacting with APIs and Plugins to integrate security tools into established CI/CD pipelines. Additionally, you will perform cost analysis and vendor comparisons for projects to ensure cost-effectiveness and efficient operations. Effective communication regarding system operations and environment changes is essential, as is a basic understanding of Garmin's business model, including Engineering, Operations, Finance, Sales, and Marketing. You will also be expected to research new technologies, propose cost-effective solutions, and contribute to broader technology solutions outside your discipline, serving as a leader of change and coordinating department-level non-project changes.