Senior DevSecOps Engineer

About the Role

We are seeking a DevSecOps professional with a strong passion for security and a desire to work in a dynamic environment. In this role, you will be instrumental in integrating security practices into our development and operations processes, ensuring our applications are secure from the ground up.

Responsibilities

1. Security Implementation: Identify and enforce security best practices, including threat modeling, vulnerability assessments, and compliance checks within our Azure AKS environment.
2. Manage and Enhance CI/CD Pipelines: Oversee the build and release pipelines using Azure DevOps, ensuring security is embedded throughout the development lifecycle.
3. Tool Utilization for Security Enhancements: Leverage security tools to assess and improve the security posture of Kubernetes deployments and overall application architecture.
4. Troubleshoot Technical Issues: Resolve technical problems related to deployments and security incidents promptly.
5. Onboarding and Training: Support the onboarding of new employees by educating them on security protocols and best practices.
6. Documentation Management: Create and maintain comprehensive process documentation that outlines security measures and procedures.
7. Customer Support: Guide customers through security-related issues and ensure timely follow-up to confirm resolution.
8. Feature Rollouts: Communicate new feature rollouts with an emphasis on security implications and enhancements.
9. Multi-tasking: Manage multiple support tickets and prioritize tasks effectively to maintain operational continuity.
10. Log Analysis: Trace logs and monitor infrastructure-related issues to identify security vulnerabilities.
11. Stakeholder Collaboration: Delegate issues to appropriate stakeholders and follow up to ensure timely resolution.

Expected and Desired Skills

1. Proficiency in Windows/Linux: Strong understanding of both operating systems to manage security configurations effectively.
2. Debugging and Problem-Solving Skills: Ability to troubleshoot and resolve complex technical issues, especially those related to security.
3. Cloud Experience: Familiarity with cloud platforms, particularly Azure (experience with AWS or others is a plus).
4. Programming Knowledge: Basic understanding of a programming language to support development and security automation.
5. Database Management: Understanding of SQL and basic database administration tasks with a focus on securing data.
6. Interpersonal Skills: Strong communication and collaboration skills to work effectively with diverse teams.
7. Containerization Knowledge: Basic knowledge of Docker and Kubernetes for secure application deployment.
8. Security Tools Exposure: Familiarity with tools for policy enforcement and security automation in Kubernetes environments.
9. Good Communication: Strong written and verbal communication skills to convey complex security concepts clearly.

Experience & Education

1. Education: An undergraduate degree, or equivalent, in Software Engineering/Computer Science.
2. Proactive Attitude: A go-getter attitude with a willingness to learn from various challenges.
3. Availability: Open to working in a flexible environment to support critical operations and incident response.