DevSecOps Engineer

Emploi pas sur LinkedIn

🕒 il y a 3 mois

🏛️ District of Columbia – Distant

🏛️ District of Columbia – Remote

💵 $128 490 - $205 580 / an

⏰ Temps Plein

🟠 Senior

🔴 Expert

⛑ Ingénieur DevOps & SRE

Postuler Maintenant

Trouver des Emplois à Distance Similaires

Recevoir des emails pour des emplois à distance

📊 Vérifiez votre score de CV pour ce poste

Améliorez vos chances d'obtenir un entretien en vérifiant votre score de CV avant de postuler.

Télécharger le CV

Icmarc

Site WebLinkedInTous les Emplois

- employés

💸 Finance

🤝 B2B

Finance • B2B

Icmarc est un prestataire de services de retraite destiné aux employeurs du secteur public et aux participants individuels. Il propose des services d'administration et de gestion d'investissements pour les régimes de retraite (457(b), 401(a), 401(k), 403(b), épargne santé retraite et IRA), ainsi qu'une éducation financière pour les participants, des services de conseil CFP®, un soutien aux sponsors de plans, un accès aux consultants, des recherches et un plaidoyer législatif. L'entreprise se positionne comme un partenaire pour les sponsors de plans, les consultants et les participants, offrant des produits d'investissement, des conseils professionnels et des ressources éducatives.

Description

• Build relationships with developers, stakeholders, and scrum masters to incorporate security principles into engineering design and application deployments. • Perform security testing and validation of application security controls across projects, ensuring secure design and implementation. • Oversee the implementation of defensive security practices and countermeasures across applications and supporting infrastructure. • Uphold CI/CD security strategy and practices in partnership with other technical team leads, ensuring security is consistently embedded in pipelines. • Demonstrated experience with SAST, SCA, DAST, and IaC scanning tools and methodologies. • Identify vulnerabilities in code through automated and manual assessments and promote efficient remediation. • Apply threat modeling principles to improve design and development practices. • Serve as a point of contact for security-based escalations and remain closely involved in resolution activities. • Build services and tools that enable developers and engineers to easily adopt and use security components produced by the application security team. • Simplify and enhance automation that applies security controls within CI/CD pipelines. • Support shift-left initiatives by incorporating security early and throughout the development lifecycle. • Leverage foundational cloud security architecture knowledge (IAM, containers, baseline hardening).

🎯 Exigences

• Bachelor’s degree (BA/BS) in Finance, Accounting, Business, or a related field, or equivalent professional experience • At least 7+ years’ experience in information technology, information security administration or security operations • Experience with agile workflows, including Scrum and Kanban. • Understanding of containers (e.g., Docker) and container orchestration (e.g., Docker Swarm, Kubernetes) • Understanding of CloudFormation, Terraform, Ansible and Jenkins • Proficient in securing Windows and *nix operating systems, endpoint applications, networking protocols and devices • Proven experience with operations and security across Amazon Web Services (AWS) and Microsoft Azure • Proven experience with GitHub Actions • Hands on experience with WIZ • Hands on experience with application security testing (BURP) • Ability to obtain and maintain technical team and business support influences a collaborative effort to reduce the attack surface while performing rapid, continuous implementation • Capable of scripting in Python, Bash, Perl or PowerShell • Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle (SLDC)

🏖️ Avantages

• Competitive Total Rewards package, including base pay, incentive programs, benefits, and a 401(k) plan with matching contributions • Flexible and hybrid work schedules to support work-life balance • Tuition reimbursement to support continued education • Professional and career development opportunities, including courses and certifications • Comprehensive wellness programs promoting physical, mental, and emotional health • Volunteerism initiatives to encourage community engagement