DevSecOps Engineer
Remote
Material Bank
Search and order free material samples from Material Bank. Register as a professional to search across the best design and architectural product brands!Material Bank is a fast-paced, high-growth technology company and created the world's largest material marketplace for the Architecture and Design industry, providing the fastest and most powerful way to start and manage a design project. Learn more about us at www.materialbank.com or see below.
--
The DevSecOps Engineer supports continuous integration and continuous deployment (CI/CD) initiatives and is an integrated team member working with software developers, system engineers, cybersecurity engineers and systems administrators. The DevSecOps Engineer acts as a liaison with Software Development and Development Operations (DevOps) to understand strategy, execution and production support. The role is heavily security-focused and ingrained in the CI/CD pipeline automation to deliver security principles and validation at all times.
What you’ll do:
- Assist in the development and implementation of CI/CD security strategy and practices in tandem with other technical team leads.
- Build relationships with developers, stakeholders and scrum masters to incorporate security principles into engineering design and deployments.
- Build services and tools to enable developers and engineers to easily use security components produced by application security team members.
- Enrich DevOps architecture with security standards, best practices and automations.
- Serve as a point of contact for security-based escalations and remain tightly involved through resolution.
- In-depth understanding of TCP/IP, computer networking, routing and switching
- Solid experience with firewall and intrusion detection/prevention protocols
- Influence secure API development standards and implementations across multiple platforms.
- Define security testing strategy and implement technologies and processes to support the strategy.
- Coordinate ethical hacking & penetration testing exercises
- Supervise testing and validation in application security controls across projects.
- Build services and tools to enable developers and engineers to easily use security components produced by application security team members.
- Simplify automation that applies security inter-workings with CI/CD pipelines.
- Support the ability to “shift left” and incorporate security early on and throughout the development lifecycle.
- Identify vulnerabilities in code through automated and manual assessments, and promote quick remediation.
- Partner with teams to define key performance indicators (KPIs) and metrics across business units.
What you’ll bring:
- At least 8 years’ experience in information technology, information security administration or security operations.
- Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle (SLDC).
- Experience with agile workflows, including Scrum and Kanban.
- Experience with DevSecOps implementations (SAST, SCA and/or DAST)
- Experience with Amazon Web Services (AWS) security and operations
- Strong knowledge on containerization and orchestration tools like Docker and Kubernetes
- Certifications – CISSP, AWS Certified Cloud Practitioner
Preferred Requirements:
- Experience in e-commerce customer portals
- High proficiency at problem-solving
- High performance on speed, team player, and details
What you’ll get from us:
- Our people: If you thrive in an inclusive, innovative, and fast-paced organization, look no further! You will get to work alongside some of the brightest minds - Join a genuinely fun and supportive workplace where we keep our employees consistently engaged through internal communication and corporate events
- Relaxation and Celebrations: Generous PTO, Sick Days, Paid National Holidays, and even more (ask us about this when we connect).
- Health Benefits: We contribute to your medical, dental, vision and short-term/long-term disability plans and have a strong employee assistance program.
- Plan for your Retirement: 401(k) eligible after your first 90 day's employed!
- Giving Back: We sponsor multiple events throughout the year to help out our communities. You will receive time off to give back as well.
- Growth: We’ll help you take your career to the next level. We want you to be creative and take initiative which will allow you to grow and create within the company. Most importantly, be the best at what matters!
- Flexible Work Schedules: With business units and employees across the globe, Material Technologies has embraced a hybrid working model allowing department leaders to decide on the best approach for their respective teams, whether that be remote, in person, or a little of both.
About Material Bank
Material Bank is the world’s largest material marketplace for the architecture and design industry, providing the fastest and most powerful way to search and sample materials. Material Bank connects design professionals to hundreds of manufacturers through facilitating brand discovery, rep engagement, and material sampling.
Material Bank has transformed the way an entire industry discovers and samples materials. By removing the friction that exists in the process, we drive business between architects and designers (members) and our Brand Partners (clients).
Our powerful material database and proprietary robotic distribution facility allow members to order samples until midnight (ET) to be delivered free of charge anywhere in the US, in one box, by 10:30 AM the next morning.
Connect with us and discover your career at Material Bank.
-- Material Bank is proud to be an equal opportunity employer. We value diversity, and all applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, age, national origin, veteran or disability status or other status protected under any applicable federal, state or local law.* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile APIs Application security Automation AWS CI/CD CISSP Cloud CVSS DAST DevOps DevSecOps Docker E-commerce Ethical hacking Firewalls Intrusion detection Kanban KPIs Kubernetes MITRE ATT&CK OWASP Pentesting SAST Scrum SDLC Security strategy Strategy TCP/IP Vulnerabilities
Perks/benefits: Career development Flex hours Flex vacation Health care Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Sr. Security Engineer jobs
- Open Security Consultant jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open DoD-related jobs