DevSecOps – Staff Engineer

Forbes Advisor is a new initiative for consumers under the Forbes Marketplace umbrella that provides journalist- and expert-written insights, news and reviews on all things personal finance.

We are an experienced team of industry experts dedicated to helping readers make smart decisions and choose the right products with ease. Marketplace boasts decades of experience across dozens of geographies and teams. The team brings rich industry knowledge to Marketplace’s global coverage of consumer credit, debt, health, home improvement, banking, investing, credit cards, small business, education, insurance, loans, real estate and travel.

A DevSecOps Staff Engineer integrates security into DevOps practices, designing secure CI/CD pipelines, building and automating secure cloud infrastructure and ensuring compliance across development, operations, and security teams.

Responsibilities

• Design, build and maintain secure CI/CD pipelines utilizing DevSecOps principles and practices to increase automation and reduce human involvement in the process
• Integrate tools of SAST, DAST, SCA, etc. within pipelines to enable automated application building, testing, securing and deployment.
• Implement security controls for cloud platforms (AWS, GCP), including IAM, container security (EKS/ECS), and data encryption for services like S3 or BigQuery, etc.
• Automate vulnerability scanning, monitoring, and compliance processes by collaborating with DevOps and Development teams to minimize risks in deployment pipelines.
• Suggesting architecture improvements, recommending process improvements.
• Review cloud deployment architectures and implement required security controls.
• Mentor other engineers on security practices and processes.

Requirements

• Bachelor's degree, preferably in CS or a related field, or equivalent experience
• 10+ years of overall industry experience with AWS Certified - Security Specialist.
• Must have implementation experience using security tools and processes related to SAST, DAST and Pen Testing
• AWS-specific: 5+ years’ experience with using a broad range of AWS technologies (e.g. EC2, RDS, ELB, S3, VPC, CloudWatch) to develop and maintain an Amazon AWS based cloud solution, with an emphasis on best practice cloud security.
• Experienced with CI/CD tool chain (GitHub Actions, Packages, Jenkins, etc.)
• Passionate about solving security challenges and being informed of available and emerging security threats and various security technologies.
• Must be familiar with the OWASP Top 10 Security Risks and Controls
• Good skills in at least one or more scripting languages: Python, Bash
• Good knowledge in Kubernetes, Docker Swarm or other cluster management software.
• Willing to work in shifts as required

Good to Have

• AWS Certified DevOps Engineer
• Observability: Experience with system monitoring tools (e.g. CloudWatch, New Relic, etc.).
• Experience with Terraform/Ansible/Chef/Puppet
• Operating Systems: Windows and Linux system administration.

Perks:

• Day off on the 3rd Friday of every month (one long weekend each month)

• Monthly Wellness Reimbursement Program to promote health well-being

• Monthly Office Commutation Reimbursement Program

• Paid paternity and maternity leaves

Any full time degree