Job Overview
We are in search of an accomplished Senior DevSecOps Engineer with extensive expertise in Governance, Risk, and Compliance (GRC) to join our forward-thinking team on a long-term contractual basis. This is an entirely remote position, providing you the flexibility to work from anywhere while playing a significant role in enhancing security and compliance initiatives within a rapidly expanding organization.
Key Responsibilities
- Compliance Integration: Partner with legal, security, and operational teams to establish and verify compliance controls (SOC 2, GDPR, OFAC).
- SOC 2 Renewals: Oversee the renewal process for SOC 2 compliance, conducting audits of controls and collaborating with Vanta to ensure readiness.
- Security and Automation: Create and sustain automation scripts (primarily in Python) for security-related tasks and compliance monitoring.
- Infrastructure & IP Management: Leverage Cloudflare to manage IP tables and implement country-specific access controls, contributing to IP integrations, potentially utilizing chain analysis tools.
- DevOps Support: Assist in the management of DevOps infrastructure utilizing tools like Ansible and Kubernetes to ensure secure and effective deployment pipelines.
- GRC Focus: Contribute to the management of Governance, Risk, and Compliance processes, particularly regarding data privacy standards such as GDPR.
Required Skills
- Proven experience in DevSecOps, particularly focused on GRC.
- Familiarity with compliance frameworks such as SOC 2, GDPR, and OFAC.
- Experience with Vanta or similar compliance management tools is advantageous.
- Strong scripting proficiency in Python for automation and integration tasks.
- Hands-on experience with Ansible and Kubernetes for managing DevOps infrastructure.
- Knowledge of Cloudflare for IP management and security controls.
- Understanding of access control systems and security best practices.
- Excellent communication skills to facilitate collaboration across technical, legal, and business teams.
Qualifications
- Demonstrable experience in DevSecOps with a strong focus on Governance, Risk, and Compliance principles.
- Familiarity with key compliance frameworks, including SOC 2, GDPR, and OFAC.
- Experience with compliance management tools such as Vanta is preferred.
- Strong Python scripting skills for automation purposes.
- Practical experience with Ansible and Kubernetes.
- Knowledge of Cloudflare for the implementation of security controls.
- Familiarity with access control systems and security best practices.
Career Growth Opportunities
Joining our organization means gaining access to a plethora of professional development opportunities, enabling you to enhance your skills in a supportive and innovative environment.
Company Culture And Values
Our company fosters a culture of collaboration and innovation, creating a dynamic and fast-paced environment centered around cutting-edge technologies. We value open communication and teamwork across departments to ensure every team member contributes meaningfully to our collective success.
Networking And Professional Opportunities
This role presents a unique opportunity to engage with a diverse network of professionals, enhancing your skills while collaborating on critical security and compliance initiatives in the industry.
Employment Type: Full-Time