Encora Digital is seeking a Senior DevSecOps Security Engineer to join the team.
Are you experimentation-driven, bold, result-oriented, customer-focused? Do you want to help drive the adoption of security controls in the delivery pipeline? Are you excited to implement automated security solutions enabling development teams to deploy secure software?
As a member of the DevSecOps Team, you will have the opportunity to pioneer security architectures supporting the ability to deliver secure software. You will collaborate with security, development, operations, and infrastructure teams to build and implement automated security solutions that enable the "shift left" culture.
What you'll do:
Build and manage services, tools, and integrations that will automate security controls within CI/CD pipelines.
Identify security gaps in DevSecOps architectures and toolchains and recommend enhancements.
Provide technical leadership to security, infrastructure, engineering, development, and business teams.
Assist with developing the DevSecOps strategy and roadmap across people, processes, and technology.
Build relationships with development and operations teams and guide vulnerability remediation.
Perform upgrades and drive the deployment of security solutions.
Create key performance indicators that track the progress and effectiveness of the DevSecOps program.
Design security compliance metrics that align with DevSecOps requirements and assist with driving enforcement.
Assist with triaging potential security incidents.
Assist with cybersecurity escalations and change management.
Create runbooks and document policies and procedures.
Work with vendors and maintain relationships.
Remain current with new cybersecurity trends, threats, and disruptive solutions and make recommendations to leadership.
Why you will love working with us:
Referral Bonuses.
Flexible hours and work models for a better balance between work and personal life.
Continuous technical training and constant training.
Work in a Great Place To Work characterized by a dynamic climate.
Corporate recognition program.
Career line that will allow you to grow with us.
About Encora:
Encora is a global company offering software and Digital Engineering solutions, with over 9,000 encorians worldwide. Our technology practices include Cloud Services, Product Engineering, Data Science and Engineering, Digital Experience, DevOps, Cybersecurity, and Quality Engineering.
At Encora Inc., we hire professionals based solely on their abilities, and we do not discriminate based on age, disability, religion, gender, sexual orientation, socioeconomic status, or nationality.
Who you are:
BA/BS in Computer Science, IT, or a related field and six or more years of experience in a related field, OR MS degree in a related field and four years of related knowledge, OR Ph.D. and 1-year experience in a related field.
Previous experience as a DevOps/DevSecOps Engineer supporting applications and platforms running in the private or public cloud (such as Rancher, Anthos, AWS, GCP, and VMWare).
Deep experience within DevOps, CI/CD processes, SDLC, and related tools such as Jira, Jenkins, Artifactory, Bitbucket, GitLab, etc.
Experience with containers, enterprise container orchestration, and related tools such as Docker, Rancher, Kubernetes, and public cloud container services.
Understanding security automation within DevOps and CI/CD processes, including vulnerability identification and management.
Experience building and deploying infrastructure-as-Code (IaC) and related tools such as Ansible, Terraform, and Open Policy Agent.
Experience with creating regular expressions (REGEX), writing scripts in Python or bash, and interacting with APIs.
Understands OWASP Top10, CVSS, the MITRE ATT&CK framework, and the software development lifecycle (SLDC).
Good verbal and written communication skills are needed to communicate complex problems, including root causes, to technical and non-technical audiences.
Strong collaboration skills to effectively develop consensus and understanding among cross-functional teams on key security risks and vulnerabilities.
Ability to work under pressure, reprioritize, and adjust to changes in direction and deadlines.
Ability to balance multiple high-priority projects and complete them on time with minimal supervision.
Preferred:
Experience integrating security solutions into CI/CD workflows and toolsets.
Experience with cloud workload protection platforms (CWPP) such as Palo Alto Prisma Compute, Aqua, etc.
Experience with SAST, DAST, secret scanning, and secrets management solutions such as Veracode, Snyk, Gitleaks, and Hashicorp Vault.
Experience securing the software supply chain, including implementing appropriate controls across the SDLC and managing change.
Extensive Four consulting background or Fortune 500 company experience.
Telecom/Cable industry experience.
At least one relevant security-focused certification – CISSP, CCSP, CKS, GCSA.
Headquartered in Scottsdale, Arizona and backed by private equity firm Advent International, Encora is the preferred innovation partner to some of the world’s leading technology companies. It provides...
Apply Now