DevSecOps Engineer

What You Will Do

We are looking for a passionate DevSecOps engineer to join our team. As a DevSecOps Engineer, you will play a critical role in ensuring the security of our software development processes and infrastructure including FedRAMP compliant environment. Your expertise in both development and security will contribute to the successful delivery of high-quality, secure AI solutions to our customers. To be successful, you'll be partnering with infrastructure, security, machine learning, search, and data teams to identify their DevOps and security needs and implement solutions. This is an opportunity to play an integral role at the fastest-growing AI company in its space.

Secure Infrastructure: Design, implement, and maintain secure infrastructure and environments (which includes FedRAMP compliant environment) consisting of applications, containers, virtual machines and cloud infrastructure.
Vulnerability Management: Collaborate with teams to remediate and mitigate identified vulnerabilities. Also, work with the security team to assess vulnerabilities as well as identify potential security risks and weaknesses in the system.
Security Automation: Develop and maintain security automation tools and scripts to streamline security processes and patch management as well as ensure consistent application of security controls across deployment pipelines and infrastructure.
Incident Response: Respond to security incidents promptly, perform root cause analysis, and implement measures to prevent future occurrences.
Security Audits and Compliance: Assist in security audits and compliance assessments to ensure adherence to industry standards and regulations. Collaborate with internal and external auditors to address any security-related findings.
Collaboration and Documentation: Work closely with developers and security teams to identify security requirements and implement appropriate solutions. Maintain clear and comprehensive documentation of security practices, standards, and procedures.

What You Bring To The Table

Bachelor's degree in computer science, information security, or a related field.
2+ years of experience as DevSecOps / DevOps engineer.
Good knowledge of software development processes and CI/CD pipelines.
Proficiency in programming and scripting languages such as Python and Bash.
Understanding of security principles, secure coding practices, and common vulnerabilities (e.g., OWASP Top 10).
Familiarity with security tools and technologies such as static code analysis, vulnerability scanners, intrusion detection/prevention systems, and SIEM solutions.
Experience with vulnerability management and automating processes for resolving vulnerabilities.
Experience with cloud platforms (e.g., AWS, Azure, Google Cloud) and containerization technologies (e.g., Docker, Kubernetes).
Experience with infrastructure-as-code tools (e.g., Terraform, CloudFormation). Knowledge of security frameworks and standards (e.g., ISO 27001, NIST, PCI DSS).
An appetite for working at a startup pace on challenging problems with a high degree of ownership.