Senior DevSecOps Engineer

Remote from
🌐 Anywhere
Seniority level
Senior
Job function
Software Engineering
Job type
Full Time,
Job posted
Apply before
30 Nov 2024
Industry
Health, Wellness & Fitness

About CrossFit

The world's leading platform for health, happiness, and performance.

CrossFit is looking to hire a highly skilled and experienced Senior DevSecOps Engineer to join our team remotely. This role is integral to ensuring the security, efficiency, and reliability of our cloud infrastructure. The ideal candidate will have extensive experience with AWS cloud services, Terraform for Infrastructure as Code, and Python for automation and software development. As a senior member of our team, you will be expected to lead initiatives and drive the implementation of secure development practices across the organization.

RESPONSIBILITIES:

Infrastructure Security:
  • Design, implement, and maintain secure AWS cloud infrastructure.
  • Ensure the security of cloud resources through automated security controls, continuous monitoring, and threat detection.
  • Lead the development of security policies, procedures, and practices for cloud infrastructure.
Automation and Development:
  • Develop and maintain automation scripts and tools using Python to streamline security processes and improve efficiency.
  • Collaborate with software development teams to integrate security into the CI/CD pipeline, ensuring secure code deployment.
  • Implement and maintain infrastructure as code (IaC) practices, ensuring consistency and compliance across environments.
Leadership and Collaboration:
  • Work closely with cross-functional teams, including development, operations, and security, to ensure alignment on security objectives.
  • Lead incident response efforts for security breaches, including investigation, mitigation, and post-incident analysis.
Continuous Improvement:
  • Stay up-to-date with the latest security threats, technologies, and best practices, and implement improvements where necessary.
  • Conduct regular security assessments, audits, and penetration tests to identify and address vulnerabilities.
  • Drive the adoption of new security tools and technologies that enhance our security posture.

KNOWLEDGE AND SKILLS:

  • Extensive experience with AWS services, including IAM, VPC, ECS, RDS, Lambda, WAF, Cloud Firewall, and others.
  • Proficiency with Terraform and Terragrunt for infrastructure as code.
  • Strong Python programming skills, with experience in automating security and devops processes and developing security tools.
  • Security Skills: Knowledge of security best practices, threat modeling, security testing, and vulnerability management
  • Incident Response: Ability to handle and respond to security incidents and breaches.
  • Monitoring and Logging: Skills in using monitoring tools like DataDog, Prometheus, Grafana, ELK StackΒ  or Splunk.
  • Networking Fundamentals: Understanding of network protocols (e.g., TCP/IP, DNS, SMTP, HTTP/HTTPS) and network architecture.
  • Firewalls and Security Devices: Proficiency with firewall management (both traditional and next-generation) and other security devices like IDS/IPS, VPNs, and DLP systems.
  • Intrusion Detection and Prevention: Ability to configure and manage intrusion detection systems (IDS) and intrusion prevention systems (IPS).
  • Network Monitoring and Traffic Analysis: Experience with tools such as Wireshark, Nagios, or SolarWinds for monitoring network traffic and performance.
  • Security Information and Event Management (SIEM): Proficiency in using SIEM platforms like Splunk, IBM QRadar, or LogRhythm to analyze security alerts and logs.
  • Experience with CI/CD pipelines and integrating security tools into the development process.
  • Excellent problem-solving skills and the ability to work under pressure in a fast-paced environment.
  • Strong communication skills, with the ability to articulate complex security concepts to technical and non-technical stakeholders.
Preferred Qualifications:
  • Relevant certifications such as AWS Certified Security – Specialty, Certified Information Systems Security Professional (CISSP), or similar.
  • Knowledge of containerization and orchestration tools (e.g., Docker, Kubernetes) and their security implications.
  • Familiarity with DevOps tools such as GitHub Actions, Jenkins, or similar.

EDUCATION/EXPERIENCE:

  • Bachelor’s degree in Computer Science, Information Security, or a related field; or equivalent experience.
  • 5+ years of experience in a DevSecOps or related role, with a focus on cloud security.

WHAT WE OFFER:

  • Rich Medical, Dental, and Vision plans
  • Discretionary Paid Time Off – empowering you to unplug whenever and however you need to
  • Flexible spending account and 401(k) with employer matching – vested on day one
  • CrossFit Gym Membership Reimbursement
  • CrossFit Courses Benefit
  • Partnership Perks

Apply now >

Megaphone

Personalised job alerts

Set up personalised e-mail alerts about similar remote jobs

FacebookTwitterLinkedIn

How to apply

Did you apply? Let us know, and we’ll help you track your application.

See a few more

Similar remote jobs in Software Engineering

Job Search Safety Tips

Here are some tips to help you search and apply for jobs safely:
Watch out for suspicious jobs Don't apply for jobs that offer high pay for little work or offer to hire you without an interview. Read more β€Ί
Check the employer's profile Make sure you're applying for a trustworthy job by visiting the employer's profile and learning more about them. Read more β€Ί
Protect your information Don't share personal details like your bank account or government-issued ID on suspicious websites or messengers. Read more β€Ί
Report jobs that feel unsafe If you see a job that seems misleading, inappropriate or discriminatory, report it for going against our policies and we'll review it.

Share this job

FAQ

What position is CrossFit hiring for?

CrossFit is hiring a remote Senior DevSecOps Engineer from 🌐 Anywhere

What type of employment does CrossFit offer?

This is a Full Time role.

Network