Talent.com
DevSecOps Engineer

DevSecOps Engineer

Omni InclusiveAustin, TX, United States
6 days ago
Job type
  • Full-time
Job description

Job Title : DevSecOps Engineer (Cloud Security & Compliance Focus)

We are seeking a highly motivated and security-conscious DevSecOps Engineer to join our team. You will be a critical part of our security and compliance efforts, ensuring the integrity and confidentiality of our systems and data. Your hands-on experience with Istio, Envoy, Kubernetes, and Terraform, coupled with your security penetration testing or automated API testing experience, makes you an ideal candidate to drive our security initiatives in a cloud-native environment.

Responsibilities :

  • Security Architecture and Implementation :

Design and implement secure cloud-native architectures with a focus on Istio service mesh and Kubernetes container orchestration.

  • Harden and secure containerized workloads and microservices using best practices.
  • Leverage Terraform for infrastructure as code (IaC) deployments, ensuring security is baked into the process from the start.
  • Implement security controls and monitoring solutions to detect and respond to potential threats.
  • Compliance and Security Auditing :

    • Collaborate with security and compliance teams to ensure adherence to industry standards and regulations.

  • Conduct regular security audits and penetration testing to identify vulnerabilities and recommend remediation strategies.
  • Develop and maintain documentation for security policies, procedures, and incident response plans.
  • DevSecOps Integration :

    • Integrate security practices and tools into the CI / CD pipeline to automate security testing and vulnerability scanning.

  • Implement and maintain security tools for code analysis, dependency management, and vulnerability tracking.
  • Promote a culture of security awareness and collaboration within the development and operations teams.
  • Incident Response :

    • Participate in incident response activities, including investigation, containment, and recovery.

  • Analyze security incidents and identify root causes to prevent future occurrences.

    • Qualifications :

  • Hands-on Experience :

    • Strong practical experience with Istio service mesh, Envoy proxy, Kubernetes, and Terraform.

  • Proficiency in security penetration testing methodologies or automated API testing tools.
  • Familiarity with cloud security best practices and cloud-native technologies.
  • Security and Compliance Knowledge :

    • Understanding of security principles, vulnerabilities, and mitigation techniques.

  • Knowledge of industry security standards and compliance regulations.
  • Experience in conducting security audits and vulnerability assessments.
  • Passion for Security :

    • A strong desire to stay abreast of the latest security trends and technologies.

  • Enthusiasm for sharing knowledge and promoting security best practices within the team.
  • Strong Communication and Collaboration :

    • Ability to effectively communicate complex security concepts to technical and non-technical stakeholders.

  • Excellent teamwork and collaboration skills, working effectively with cross-functional teams.

    • Additional Desirable Skills :

  • Experience with cloud platforms such as AWS, Azure, or GCP.
  • Programming / scripting skills (Python, Java, Bash, etc.)
  • Certifications in security and cloud technologies (CISSP, CCSP, etc.)
    • Create a job alert for this search

    Engineer • Austin, TX, United States