Development, Security and Operations Engineer

This is a remote position.

• Develop and implement security best practices across CI/CD pipelines.
  
• Automate security scanning and testing to identify vulnerabilities early in the development
  process.
  
• Automate security scanning processes, including Static Application Security Testing (SAST),
  Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA).
  
• Collaborate with development teams to ensure secure coding practices in Angular, React,
  NodeJS, and .NET applications.
  
• Configure and manage GitLab for secure source code repository management and version
  control.
  
• Implement security measures in Jenkins and Azure DevOps to ensure safe and efficient CI/CD
  workflows.
  
• Utilize VS Code for secure coding and development best practices.
  
• Manage security configurations and monitoring tools such as Grafana and Kibana.
  
• Integrate and support security compliance in JIRA for project tracking and development
  workflows.
  
• Utilize FIGMA to assess and secure application designs before implementation.
  
• Implement logging, monitoring, and alerting solutions to detect and respond to security incidents.
  
• Conduct security assessments and vulnerability scans across applications and infrastructure.
  
• Stay up to date with emerging security threats and industry trends, applying relevant security
  measures proactively.
  
• Provide guidance and training to development and operations teams on security best practices.
  
• Performs other duties as required to support the business and evolving organization.
  

• Bachelors of Science degree in Computer Science, Information Technology, Cybersecurity, or a
  related technical discipline required.
  
• Certified Ethical Hacker (CEH) or equivalent security certification required.
  
• Minimum of five (5) years of experience in DevSecOps, security engineering, or a related
  cybersecurity role, with a demonstrated ability to secure development pipelines and integrate
  security into the software lifecycle required.
  
• In-depth understanding of secure software development lifecycle (SDLC) principles and
  methodologies.
  
• Minimum of three (3) years of hands-on experience implementing and managing container
  security for Docker and Kubernetes (K8s) required.
  
• Minimum of three (3) years’ experience utilizing industry-standard security tools for vulnerability
  scanning, static and dynamic code analysis, and penetration testing required.
  
• Proficient in front-end and back-end programming languages with at least three years of
  experience in Angular, React, NodeJS, and .NET.
  
• Minimum of three (3) years’ experience developing and maintaining security automation using
  scripting languages such as PowerShell, Python, Bash, or YAML required.
  
• Minimum of three (3) years of in-depth experience integrating security controls within CI/CD
  pipelines using tools such as GitLab and Jenkins required.
  
• Minimum of two (2) years of experience using monitoring and logging tools such as Grafana and
  Kibana for observability and threat detection required.
  
• Minimum of two (2) years’ experience using tools like JIRA for secure project tracking and FIGMA
  for secure design collaboration and implementation required.
  
• Minimum of three (3) years of experience designing and deploying Infrastructure as Code (IaC)
  security policies using Terraform, Ansible, or AWS CloudFormation required.
  
• Strong analytical and troubleshooting skills, with a proven ability to identify, assess, and resolve
  complex security issues.
  
• Demonstrated ability to communicate effectively with cross-functional teams and stakeholders,
  including writing and presenting technical security documentation and policies.
  

• Strong organizational, multi-tasking, and prioritizing skills.
  
• Ability to work independently and apply sound judgment to various situations.
  
• Ability to work within critical deadlines and collaborate effectively with cross-functional teams.
  
• Excellent verbal and written communication skills.