Sr DevSecOps Engineer

Time zone
Anywhere ๐ŸŒŽ
Type
Full Time
Opening date
Closing date
13 Dec 2021
Views
77

Provide leadership in the DevSecOps areas of cloud computing, including: vulnerability remediation and scanning, certificate management, identity and access management, data analysis of security monitoring outputs, and other daily security and compliance efforts. Additionally, you will assist in developing an automated security framework for robust deployment tools and processes, leveraging various scripting languages and open source solutions.

Required:

  • Bachelor’s degree in Computer Science or related field or equivalent experience.
  • Prior experience (3-5 years) in a production engineering or related position.
  • Familiarity with DevOps automation tools such as Digital.ai , Ansible, Atlassian Bitbucket, Prisma Compute, Prisma Cloud
  • CISM, CISSP, or other security certifications.
  • Familiarity with API security, container security, cloud security
  • Knowledge of PCI-DSS, HIPPA, SOX, GDPR, and CCPA standards and policies and the associated certification and audit processes
  • Familiarity with information security frameworks/standards (for example, CIS, NIST, RFC2196, etc).
  • Auditing and compliance certifications such as CISA, PCI-ISA, and PCIP.
  • Familiarity with Google Cloud Platform, Microsoft Azure, and/or Amazon AWS policy, configuration, and security management tools.
  • Experience with security automation and machine learning.
  • Proficiency in Linux and scripting languages such as Bash, Python, etc.
  • Adhere to technical standards and participate in standards evolution.
  • Understand the importance of teamwork and coordinated activities.
  • Demonstrate effective communications skills at all organizational levels.
  • Thorough knowledge of analytical thinking concepts and techniques.
  • Mentor and lead team members in security concepts
  • Contribute to an atmosphere of cross-functional teamwork within the KeyBank Agile project life-cycle and ability to act within an Agile environment working with user stories, iterative development, continuous integration, continuous delivery, continuous feedback, etc.
  • Thorough knowledge of continuous integration, continuous delivery, continuous testing, and configuration management methodologies.

Preferred:

  • Experience working with developers, DevOps, and engineering teams in a dynamic environment to promote/implement the DevSecOps program throughout the organization.
  • Experience coordinating and performing vulnerability assessments through the use of automated and manual tools (Tenable, NMAP, etc).
  • Ability to review and analyze vulnerability data to identify security risks to the organization’s network, infrastructure, and application’s and determine any reported vulnerabilities that are false positives.
  • Capability to prepare security vulnerability and risk management reports for management.
  • Leadership and teaming skills to coordinate remediation of vulnerabilities within established timeframes.
  • Comprehension in the security areas of key management systems, certificate management, encryption, penetration testing, vulnerability remediation and scanning, security and monitoring tools, etc.
  • Experience configuring, implementing, and leveraging computer security and networking diagnostic/monitoring tools.
  • Knowledge of Windows and Linux patch management and related information security functions (authentication, encryption, iptables, SSL, ciphers, etc)
  • Ability to work with APIs and plugins to integrate security tools into established CI/CD pipelines.

KeyCorp is an Equal Opportunity and Affirmative Action Employer committed to building a diverse, equitable and inclusive culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or other protected category.

Qualified individuals with disabilities or disabled veterans who are unable or limited in their ability to apply on this site may request reasonable accommodations by emailing [email protected].

Report · Embed ·

How to apply

ATTN. Be careful! You should never send cash or cheques to a prospective employer, or provide your bank details or any other financial information. We pay great attention to vetting all jobs that appear on our site, but please get in touch if you see any roles asking for such payments or financial details from you. The employer won't know who reported this job.


Share this job

Personalised job alerts

Set up personalised e-mail alerts about similar jobs.

See a few more

Related jobs in DevOps & SysAdmin

Report this job

The employer won't know who reported this job. Contact your local law enforcement for immediate help if someone is in danger or the victim of a scam.
All Job Ads are subject to Jobicy's Job Posting Policies. We allow users to flag postings that may be in violation of those terms. Job Ads may also be flagged by Jobicy. However, no moderation system is perfect, and flagging a posting does not ensure that it will be removed.

Job Widget Code

Place this code wherever you want the widget to appear on your page.

<script src="//jobicy.com/api/widget.js?5XyPbk5QqyZg=8702" async></script>

Ask a Question

Position: Sr DevSecOps Engineer.


Login to Send Message