Devsecops Engineer
Fulltime
Remote Position - Prefer Candidates Located in the East Coast
Requirements:
- Minimum 8 years of related work experience in SDLC & cloud ops
- Demonstrated experience in Cloud computing technologies, full stack deployments etc.
- Demonstrated experience in K8S, AWS or GCP, Docker and other cloud native tools
- Demonstrated experience in Jenkins/ArgoCD/Tekton or another common CI/CD tool chain
- Demonstrated skills in Sigstore, SBOM, SLSA and secure software supply chain management.
- Ability to develop Terraform, K8S manifests or other forms of infrastructure as code
- Ability to codify Rego or Cedar policies
- Demonstrated experience in SAST & DAST tools (Checkmarx, Snyk, Mayhem, BurpSuite, ZAP etc)
- Demonstrated experience automating security controls (eg shell scripting, python)
- In-depth experience in managing information security and privacy risks and threat modeling.
- In-depth experience in vulnerability handling pre and post-market launch
- In-depth experience in system and cloud infrastructure hardening
- Strong understanding of industry standards: ISO 27000 family and HITRUST
- BA/BS in Business, Information Systems, Computer Science or a related relevant area of study is a plus
- Certifications are a plus: SANS GIAC (GCIH, GPEN, GCIA, GCFA and others) , CEH, CISSP, CISA, CISM, LA ISO27001.