DevSecOps Engineer

Summary

We are seeking a highly motivated and security-conscious DevSecOps Engineer to join our team. You will be a critical part of our security and compliance efforts, ensuring the integrity and confidentiality of our systems and data. Your hands-on experience with Istio, Envoy, Kubernetes, and Terraform, coupled with your security penetration testing or automated API testing experience, makes you an ideal candidate to drive our security initiatives in a cloud-native environment.

Responsibilities 

Security Architecture and Implementation

Design and implement secure cloud-native architectures with a focus on Istio service mesh and Kubernetes container orchestration

Harden and secure containerized workloads and microservices using best practices

Leverage Terraform for infrastructure as code (IaC) deployments, ensuring security is baked into the process from the start

Implement security controls and monitoring solutions to detect and respond to potential threats

Compliance and Security Auditing

Collaborate with security and compliance teams to ensure adherence to industry standards and regulations

Conduct regular security audits and penetration testing to identify vulnerabilities and recommend remediation strategies

DevSecOps Integration

Integrate security practices and tools into the CI/CD pipeline to automate security testing and vulnerability scanning

Implement and maintain security tools for code analysis, dependency management, and vulnerability tracking

Promote a culture of security awareness and collaboration within the development and operations teams

Incident Response

Participate in incident response activities, including investigation, containment, and recovery

Analyze security incidents and identify root causes to prevent future occurrences