DevSecOps Engineer

Duties:

As a DevOps Engineer, you are joining a passionate software engineering team to build digital pathology products to change patients’ lives.
You will design & implement product infrastructure, to automate infrastructure provisioning and troubleshoot issues.
Ultimately, the software you produce will impact patient diagnosis globally.
 

Who you are

You have DevOps engineering experience, and have a passion for automating development workflows and infrastructure provisioning.
Work with management to set priorities.
Excellent communication skills and teamwork is a must!
Key Responsibilities:

Security Integration:

Integrate security tools, practices, and processes into the CI/CD pipeline.
Implement security best practices for code repositories, build processes, and deployment.
Collaborate with development teams to ensure secure coding standards are followed.
Automation:

Automate security testing (e.g., static code analysis, dynamic application security testing, and vulnerability scanning).
Develop and maintain infrastructure as code (IaC) scripts for secure deployment and configuration management.
Monitoring and Incident Response:

Monitor system vulnerabilities and automate patch management.
Establish and maintain real-time monitoring, alerting, and response procedures for security incidents.
Collaboration and Training:

Work closely with development and operations teams to integrate DevSecOps practices.
Provide training and support to team members on security best practices and tools.
Foster a culture of continuous improvement through feedback, automation, and innovation.
Documentation and Compliance:

Document security procedures, practices, and preventive measures.
Ensure compliance with industry standards and regulations (e.g., GDPR, HIPAA, PCI-DSS).
 

Required Qualifications:

Education:

Bachelor’s Degree in Computer Science, Information Technology, Cybersecurity, or a related field.
Equivalent work experience is also acceptable.
 

Experience:

6+ years of experience in DevSecOps, DevOps, cybersecurity, or related fields in custom software development.
Proven experience with CI/CD tools such as Jenkins, Github Actions, or Azure DevOps.
Hands-on experience with security tools such as Snyk, SonarQube, OWASP ZAP, Burpsuite, or Mayhem API.
Strong experience working with AWS platform and on premise deployments.