Systems Engineer 3 (Senior DevSecOps Engineer)

$84,365 - $127,296/Yr

Metropolitan Council - Saint Paul, MN

posted 4 months ago

Full-time - Mid Level
Saint Paul, MN
101-250 employees
Executive, Legislative, and Other General Government Support

About the position

The Metropolitan Council is seeking a highly skilled and motivated Azure-focused DevSecOps Engineer to join our Information Services team. This position is crucial for architecting and implementing secure, scalable, and efficient development environments that support the core services of the Council. As a DevSecOps Engineer, you will be responsible for ensuring best practices in container development and managing infrastructure as code (IaC). You will collaborate closely with development and operations teams to provide secure environments for developers to build and test applications without requiring local admin rights. This role is eligible for a hybrid telework arrangement, allowing for both remote and onsite work, with candidates required to reside in Minnesota or Wisconsin. In this role, you will design, implement, and manage secure development environments on Azure, ensuring compliance with industry standards and regulations. You will develop and maintain containerization strategies using tools like Docker and Kubernetes, implementing security best practices and automating deployment processes. Additionally, you will be responsible for developing and maintaining infrastructure as code using tools such as Terraform and Azure Resource Manager templates, ensuring that scripts are secure and maintainable. Your work will also involve providing developers with secure environments, conducting regular security assessments, and implementing data security measures to protect sensitive information. The ideal candidate will have a strong background in architecting secure development environments, container development, and infrastructure as code, along with a solid understanding of security best practices within the Azure ecosystem. You will play a key role in ensuring that our development methodologies and environments maintain compliance with data protection regulations, such as PCI-DSS. This position offers the opportunity to make a significant impact on the Twin Cities metropolitan area while enjoying a competitive salary and excellent benefits.

Responsibilities

  • Design, implement, and manage secure, scalable development environments on Azure.
  • Develop and enforce security best practices in the development lifecycle, specifically within Azure services.
  • Develop and maintain containerization strategies using tools like Docker and Kubernetes within Azure Kubernetes Service (AKS).
  • Implement container security best practices, utilizing Azure Security Center and Azure Defender for Containers.
  • Automate container deployment and management processes using Azure DevOps and AKS.
  • Regularly update and patch container images to mitigate vulnerabilities.
  • Develop and maintain infrastructure as code using tools like Terraform, Ansible, or Azure Resource Manager (ARM) templates.
  • Collaborate with development and operations teams to automate infrastructure provisioning and management on Azure.
  • Provide developers with secure environments to build and test applications on Azure.
  • Conduct regular security assessments and audits using Azure Security Center to ensure a secure development environment.
  • Obfuscate live data used in development and testing environments to prevent unauthorized access to sensitive information.
  • Use Azure Key Vault and privileged access management (PAM) tools to manage secrets, keys, and certificates securely.
  • Ensure all live data used in non-production environments is obfuscated or anonymized to protect sensitive information.
  • Implement data encryption at rest and in transit using Azure's encryption services.
  • Maintain strict access controls and monitor access to sensitive data, leveraging Azure AD and Azure Monitor.

Requirements

  • Bachelor's degree in Systems Administration, Systems Engineering and Design, Systems Security, or related field and 5 years of experience; or an Associate's degree and 7 years of experience; or a high school diploma/GED and 9 years of experience.
  • Experience in architecting and implementing secure development environments.
  • Experience with container development and orchestration using Docker and Kubernetes.
  • Proficiency in infrastructure as code (IaC) tools such as Terraform, Ansible, or Azure Resource Manager (ARM) templates.
  • Experience with CI/CD pipelines and tools like Azure DevOps, Jenkins, or GitLab CI.
  • Knowledge of security best practices in software development and infrastructure management, particularly within the Azure ecosystem.
  • Familiarity with Azure cloud services, including Azure Active Directory, Azure Security Center, and Azure Key Vault.

Nice-to-haves

  • Relevant certifications such as Certified Kubernetes Administrator (CKA), AWS Certified DevOps Engineer, or similar.
  • Experience with monitoring and logging tools like Prometheus, Grafana, or ELK Stack.
  • Knowledge of compliance frameworks such as GDPR, HIPAA, or PCI-DSS.
  • Excellent problem-solving skills and the ability to work independently as well as collaboratively.
  • Strong communication skills and the ability to explain complex technical concepts to non-technical stakeholders.
  • Ability to work and collaborate with teammates and stakeholders with diverse viewpoints and backgrounds.

Benefits

  • Competitive salary
  • Excellent benefits
  • Good work/life balance
  • On-site training and tuition reimbursement

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service