Back to results

DevSecOps Engineer

Pittsburgh, United States

Job details

  • Salary: $180,000.00
  • Sector: Cyber Security
  • Type: Permanent

DevSecOps Engineer - Financial Services Firm
FIRM: Fortune 500 financial services institution.


LOCATION:

  • Fully remote in Continental US.
  • Preferably working ET or CT time zones.
  • Occasional 15% travel for team building purposes.
CONTEXT:
  • The firm has a global Cybersecurity organization of 150 FTE. You will report directly to the Manager of Product Security & Security Architecture.
  • A new CSO joined a few months ago who helped finetune the Security strategy and priorities for 2024 and beyond (15 months).
  • The firm has identified 6 strategy and priority pillars for 2024 and beyond. This includes initiatives such as Intelligent Threat Management, Gen AI, SOC and Zero Trust.  
  • Why do we need DevSecOps Engineers? This falls under the priority of Zero Trust, Identity and Role-Based-Access Controls. Identity reasons. The firm is looking to improve and mature the design and control over their systems (Azure DevOps, GitHub) and processes.
  • Looking for 2x Engineers to almost work in an Advisory/Consulting capacity to demonstrate ‘how to do DevSecOps in the proper way’. Acting like a “Small Center of Excellence.”
    • For example, “when you create CI/CD pipelines, you check in the source code, pool requests, this is what you do next etc.”
DAY TO DAY REPSONSBILITIES:
  • Designing, implementing, championing, and managing unified DevOps systems and patterns.
  • It is a disconnected environment with different legacy systems, tech and a lot of Developers and different users.
    • You will be responsible for going into ‘DevOps instances’ and policies i.e. hands-on set the user submissions right for the pattern, onboard people to get the system under control, align role-based-access-controls etc.
    • Help build and integrate security controls into the CI/CD pipelines (using Terraform/Ansible). Right now, pipelines sit with SCCM team so not good for developers and the security controls are not mature enough.
    • This group will “act as a Center of Excellence”, how to deploy, build and get controls policies in place for pipelines and get handle on the DevOps approach.
    • Building this from scratch. Setting guidelines and policies.
  • Looking to get to a more thought-out DevOps systems, patterns and automate the enforcement of it.

MUST HAVE REQUIREMENTS:
  • 3+ years of recent hands-on DevSecOps experience. Cybersecurity expertise.
  • Experience with automating infrastructure and application deployments (CI/CD).
  • Hands-on experience with Terraform (IaC) or Ansible - with a preference towards Terraform.
  • Experience configuring and securing Azure DevOps (must have)
  • Current scripting experience in one or more languages (Python, Powershell or Bash)
  • Former or current networking experience i.e. reverse proxying, WAF configuration and TCP/IP
  • Understanding of container technologies and tooling (Kubernetes preference)
  • US Citizen
NICE TO HAVE REQUIREMENTS:
  • Architecture/design experience
  • Experience with Docker, Helm, WSL, and Kubernetes
  • Experience Amazon Web Services or Google Cloud Platform
  • Financial services experience

INTERVIEW PROCESS:
  • Typically 4 interview processes.

Upload & send your CV

Job searching doesn’t have to be difficult. Let us help with your job search.

Please enable JavaScript in your browser to complete this form.
Click or drag a file to this area to upload.
Accept T&C and privacy policy
Accept contact policy

Looking for jobs around the globe?

We work with some of the most innovative companies around the world, and pride ourselves on matching our candidates with high-quality opportunities. Elevate your career today!