***Not able to use 3rd Party Agencies***
Our client is seeking a DevSecOps Engineer to join their team. As the DevSecOps Engineer, you will be part of a dedicated business and technical team responsible for delivering a cloud based, scalable, fault-tolerant, modernized business systems. Your mission is to design and implement a DevSecOps solution, including ensuring end-to-end automation of CI/CD pipeline. You will apply Agile best practices to collaborate and participate in creating user stories for test cases to ensure the delivery of solutions.
It’s not just the technical skills you bring to solve technical problems, it is the mindset you bring to be part of a great team undertaking digital transformation.
They are looking for engineers that are:
Driven to Win as a Team: Constantly pursing exceptional results that help us win in the market
Respect for Teammates: Value diverse identities, backgrounds, talent and perspectives
Collaboration: Works collaboratively with all team members, integrate perspectives; and encourage other’s contributions
Adaptable: Quickly adapts to customer feedback by adjusting team priorities to fit new circumstances
You must be pragmatic, results-driven and able to articulate complex security concepts to all audiences, ranging from technical contributors (inside and outside the company) to executive leadership. Our client is on a multi-year program to modernize key infrastructure and business systems. These programs are in flight now and we are looking for a team member who is a security thought leader, consensus builder and a strong player & coach and builder of teams.
Engineer, Implement, and support public cloud security services such as:
“Secure by default” functionality in CI/CD pipelines.
Ensure the implementation of monitoring, and infrastructure management in a cloud environment.
Participate in developing, implementing, and enforcing policies and procedure to enhance system security (i.e., Data protection processes and functionality, security and compliance monitoring, and infrastructure and application vulnerability management).
Maintain highly available and resilient applications in a production environment.
Implement best practices based on industry frameworks such as OWASP Top 10.
Implement and maintain automation to support deployment and updates to security policies.
Provide accurate and up-to-date information on all cloud services and serve as a consultant on how to solve business use cases.
Ensure that solutions are deployed and consumed in a secure manner.
Assist in determining the direction of current and future developments in the DevSecOps strategy.
Work across development and operational environments.
Stay abreast of software testing technologies and best practices.
The candidate will be expected to advise and implement security technologies into a modern DevOps organization and instill a culture of security in the development of insurance products, technology infrastructure and services. They are looking for a technical player & coach with a demonstrated track record of:
Communicating effectively to achieve alignment both within and without the immediate team
Expert knowledge of Cloud security principles.
Ability to multitask and remain flexible to changing strategies and re-prioritized tasks.
Building secure infrastructures as code including microservice architectures.
Programming with scripting languages (i.e., Python, awscli, Bash, JSON, etc.).
Executing on SOA principles.
Working knowledge of token-based authentication technologies (OAuth, OpenID Connect).
Expert DevSecOps and secure coding practices.
Strong network and infrastructure security knowledge.
In depth Azure security functionality.
Cloud security and DevSecOps expertise is required.
Strong Candidates Will Have:
Modern technologist and thinker experience. Views security as an enabler, not an inhibitor to innovation.
Experience solving identify and access management needs in networks and systems based on cloud infrastructure (AWS, GCP, Azure) and traditional enterprise environments (IT, endpoints, business apps).
Experience building core IAM capabilities to include: IGA, PKI, UBA, password vaulting, MFA, and SSO.
Values team building; coaching, mentoring and training a team.
Humble, hardworking, forward-thinking values.
Clear and concise communication abilities.
General Security Industry Certifications (e.g. CISSP, CCSP).
VanderHouwen is an award-winning, Women-Owned, WBENC certified professional staffing firm. Founded in 1987, VanderHouwen has been successfully placing experienced professionals throughout the Pacific Northwest and nationwide. Our recruitment teams are highly specialized in either Technology and IT, Engineering, or Accounting and Finance career markets. Our recruiters value building meaningful, professional relationships with each candidate as well as developing honed knowledge of companies' staffing needs and workplaces. Partner with us to land your next exciting career.
VanderHouwen is an Equal Opportunity Employer and participates in E-Verify. VanderHouwen does not discriminate on the basis of race, color, religion, sex, national origin, age, disability, or any other characteristic protected by applicable local, state or federal civil rights laws.