Upbound Group - Draper, UT
posted about 1 month ago
As an information security DevSecOps Engineer on the Upbound Information Security team, you will be a vital member of a technical and hands-on security team supporting Upbound's product offerings and the cloud infrastructure/services used. You will be a member of the Cloud and Application security team which is responsible for designing, deploying, implementing, automating, and operationalizing all aspects of application and cloud security for all business units across the enterprise. The DevSecOps engineer will work closely with DevOps Engineers and Application Developers to build a strong and scalable security program. You will focus on securing an enterprise multi-cloud environment where you will write sound policy and standards and build automation to support your mission of enabling engineers to operate securely by default. This position will work closely with the application security engineers and other security engineers to impact the entire engineering organization. You will perform hands-on work with all layers and pieces of the technology stack and actively monitor our systems for attacks and intrusions in both on-prem and cloud environments. You will utilize your experience to own and resolve complex security incidents, implement security toolsets as well as automate and operationalize these toolsets to maximize our risk management capabilities. You will address policy questions and resolve security issues of a technical nature and will work with our software engineers to proactively identify and fix security flaws and vulnerabilities in our production environments.