Find A Job

Sr DevSecOps Engineer

Warren, NJ | Technical
Job ID: 91637
Listed on 7/1/2019

KellyMitchell matches the best IT and business talent with premier organizations nationwide. Our clients, ranging from Fortune 500 corporations to rapidly growing high-tech companies, are exceptionally served by our 1500+ IT and business consultants. Our industry is growing rapidly, and now is a great time to launch your career with the KellyMitchell team.

 

Title: Sr DevSecOps Engineer

 

Job Description & Responsibilities

  • Build and maintain an AWS cloud infrastructure architecture aligning security, compliance, performance and resilience 
  • Provide expertise and best practices for implementing cloud security (internal) and product security (external) 
  • Assess architectures and designs for security vulnerabilities and suggest and implement proper alternatives 
  • Oversee the management and remediation of identified security flaws within our development platforms 
  • Build and maintain monitoring, auditing, and reporting frameworks that produces artifacts that support security and compliance needs 
  • Build and maintain a set of tools that enable developers to self-serve for most operational tasks 
  • Develop processes that produce artifacts that support security and compliance requirements 

 

Skills, Experiences, Knowledge

  • Bachelor’s Degree or higher in Computer Science, Engineering, or other Engineering or Technical discipline or equivalent relevant experience 
  • 4+ years experience with Security Best Practices, implementing enterprise-grade security solutions 
  • 3+ years experience with AWS development and management (AWS Associate certification or higher preferred) 2+ years experience writing code or scripts in a modern programming or scripting language (Java, Python, Ruby, etc) 
  • One or more recognized security and cloud specific certifications, e.g., CCSP, SSCP, CISSP, CCSK
  • Significant knowledge of security best practices for client-server product architectures, focusing predominantly on cloud-based server development 
  • Significant knowledge of AWS systems, including EC2, IAM, CloudWatch, CloudTrail, Config, Lambda, Security Groups, VPCs, WAF, Guard Duty, Inspector, etc… 
  • Experience with cloud-based security management/IDS/IPS/SIEM tools, such as Splunk, Dome9, AlienVault, AlertLogic, Fortinet, Threat Stack, etc… 
  • Programming or scripting experience with a popular modern language utilized by above tools (Java, Python, Ruby, etc) 
  • Experience extracting pertinent security data from SIEM solutions and AWS audit, logs, and reports 
  • Life-long learner – always looking to stay up to date with latest attack vectors, vulnerabilities, remediation and protection paradigms, etc… 
  • Self-motivated, proactive, driven individual 

 

Nice-to-have skills/experiences

  • Knowledge of one or more SSO methodologies (SAML, LDAP, MS AD) 
  • Experience in performing security vulnerability assessments, good familiarity with regulations like PCI and SOX 
  • Strong interpersonal, oral, and written communication skills 
  • Ability to work in a fast-paced, rapidly changing, Agile, competitive environment 
  • Ability to work independently and in group environments