Senior DevSecOps Engineer

$105,100 - $156,500/Yr

Prudential Financial - Newark, NJ

posted 23 days ago

Full-time - Mid Level
Newark, NJ
Insurance Carriers and Related Activities

About the position

As a DevSecOps Engineer at Prudential, you will be instrumental in shaping and maintaining the company's security posture. This role involves providing feedback to security teams, implementing tools and policies for security standards, and collaborating with developers to address security challenges. You will be at the forefront of security efforts, ensuring the protection of Prudential's digital assets.

Responsibilities

  • Continuously improve the security postures of applications, containers, cloud, and data
  • Advise enterprise teams developing standards for security, quality, and controls
  • Implement prevention/detection/remediation policies
  • Empower developers to understand and manage their security issues
  • Develop process workflows to ensure security issues are properly resolved
  • Generate security benchmarks and audit reports
  • Partner with security vendors to enhance their products
  • Bring awareness to emerging technologies and threats

Requirements

  • Bachelor of Computer Science or Engineering or experience in related fields
  • 3+ years in software engineering, devops, and/or security
  • Experience in one or more of the following languages: Python, Javascript, Go, or Rust
  • Experience with Policy-as-Code and querying languages: GraphQL, Rego, Sentinel, HCL, OVAL, CodeQL, datalog, Kusto
  • Familiarity with API development and 3rd parties integration
  • Familiarity with different types of infrastructure: servers, serverless, containers, cloud, networking, mobile
  • Familiarity with system architectures: Monolithic, event-driven, n-tier, microservices, MVC, distributed
  • Knowledge of application security specific topics: SDLC, DevSecOps, IAM, cloud/mobile/container security
  • Experience managing security tools: SAST, SCA, DAST, xSPM, secret scanners
  • Familiarity with security data sources and formats: CVE, CWE, CPE, SBOM, VEX, CVSS, CAPEC, SARIF, CycloneDX
  • Familiarity with industry standard security frameworks: SOC2, NIST, ATT&CK, CIS, ISO 27001/27002
  • Familiarity with common identity standards and formats: SAML, OAuth, SCIM, LDAP, JWT, Kerberos, OpenID
  • Implemented a DevOps pipeline and experience with tooling
  • Understanding of Agile methodologies
  • Experience in process engineering and developing workflows
  • Strong background with git including merging and branching strategies
  • Ability to document user guides, bugs/defects, features, and SOPs

Nice-to-haves

  • Financial/Insurance industry experience is a plus, not a must

Benefits

  • Paid time off
  • Medical insurance
  • Dental insurance
  • Retirement benefits

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service