Las Vegas Sands Corp. - Dallas, TX
posted 22 days ago
Full-time - Principal
Dallas, TX
Amusement, Gambling, and Recreation Industries
About the position
The Principal DevSecOps Engineer is responsible for architecting and implementing comprehensive DevSecOps practices for a casino management system. This role requires a deep technical background in software development, security practices, and operations, focusing on creating secure, scalable, and efficient deployment pipelines. The engineer will lead cross-functional teams to integrate security throughout the software development lifecycle and guide the organization in adopting best practices.
Responsibilities
- Define, champion, and implement a robust DevSecOps strategy that aligns with business objectives, enhances operational efficiency, and ensures regulatory compliance.
- Architect CI/CD pipelines and DevSecOps frameworks that support rapid and reliable software delivery while embedding security at every stage of the development lifecycle.
- Drive the integration of advanced security practices into the development lifecycle, including threat modeling, automated security testing (SAST/DAST), and comprehensive vulnerability management.
- Lead the adoption of IaC tools (e.g., Terraform, AWS CloudFormation) to automate provisioning and management of secure infrastructure.
- Design and oversee secure deployment strategies for single and multi-tenant environments, ensuring optimal resource isolation and performance.
- Implement and optimize monitoring, logging, and alerting systems to ensure system reliability and security compliance.
- Develop incident response plans and security policies, fostering a proactive security culture.
- Partner with development, QA, and operations teams to drive a culture of security awareness and best practices in software development and deployment.
- Provide technical leadership and mentorship to DevSecOps teams, fostering professional growth and promoting a culture of innovation and continuous improvement.
- Establish and maintain comprehensive documentation of DevSecOps processes, standards, and best practices, ensuring alignment across teams.
Requirements
- Bachelor's or Master's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- 10+ years of experience in software development, operations, and security, with at least 5 years in a principal or lead DevSecOps role, preferably in the gaming or casino industry.
- Expertise in CI/CD tools (e.g., Jenkins, GitLab CI, CircleCI) for automating build and deployment processes.
- Extensive experience with configuration management tools (e.g., Ansible, Chef, Puppet) for maintaining system configurations.
- Deep knowledge of containerization technologies (e.g., Docker, Kubernetes) and orchestration for deploying and managing applications at scale.
- Demonstrated experience with IaC tools (e.g., Terraform, AWS CloudFormation) for automating infrastructure provisioning and management.
- In-depth knowledge of security frameworks and tools, including SAST, DAST, and SIEM solutions.
- Strong experience with cloud services (e.g., AWS, Azure, Google Cloud) and their security configurations and best practices.
- Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for automating workflows and integrations.
- Exceptional leadership, communication, and collaboration skills to influence and guide diverse teams and stakeholders.
Nice-to-haves
- Experience in the gaming or casino industry.
- Proven track record of driving cultural change within organizations, fostering a proactive approach to security and DevSecOps practices.
