Job description
A cognitive technology startup redefining business process discovery to empower large enterprises, is looking for a DevSecOps Engineer. The engineer must be interested in working on an AI-powered platform and redefining business process discovery and management. The company’s vision is to be the foundation for operational intelligence and the fabric of the future of work while helping large enterprises to uncover, untangle, and unleash their business processes. The company has managed to raise $14mn in funding so far. This is a great opportunity to work closely with a team of innovators who thrive in a collegial and collaborative environment.
Job Responsibilities:
- Work on deploying and managing infrastructures and applications via code, CI/CD pipelines, and K8
- Collaborate in developing, improving, and managing security operations, monitoring, and incident response practices, processes, and solutions
- Build, document, and implement SIEM standard protocols
- Develop and maintain Cloud Infrastructure Security
- Look into product cybersecurity threats and possible areas of vulnerability
- Assist in planning and risk assessment tasks(e.g. Threat and Risk Analysis) for cloud-based services and systems
- Develop and maintain capabilities to support privacy requirements for sensitive data
- Conceptualize, build, and deploy monitoring, metrics, and logging systems using monitoring tools to identify lingering problems, and resolve and/or escalate to development
- Define necessary metrics to measure performance against initiatives and report issues to stakeholders
- Make sure service availability with secure infrastructure offering appropriate automation, monitoring, intrusion analysis, and incident response
- Provide inputs for improvement on existing policies and procedures to ensure operational efficiency and regulatory compliance
- Stay updated and lead the development and upgrades of continuous delivery systems on the Cloud
- Partner with the product developers to ensure convergence of business, technical and security requirements
- Work closely with management to align existing technical installed base and skills with future architectural requirements
- Build and share roadmaps across security, engineering, and IT functions to streamline processes and cross-department dependencies are managed
- Collaborate with the leadership of different teams to own and oversee compliance initiatives including SOC2, Health Insurance Portability, and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and associated federal and state privacy laws
Job Requirements:
- Bachelor’s/Master’s degree in Engineering, Computer Science (or equivalent experience)
- 5+ years of relevant experience as a DevSecOps engineer
- Experience in leading an operations organization of some form; SecOps, DevSecOPs, DevOps
- Must have a thorough understanding and experience of working with technologies like Kubernetes and Docker
- Experience with provisioning and deploying SAAS-based applications in Azure
- Should have in-depth knowledge of Ansible and Terraform
- Azure certification in security would be an added advantage
- Deep understanding of CI/CD and containerization
- Deep knowledge of security/operations infrastructure including network infrastructure components (routers, firewalls), vulnerability management tools, IDS/IPS, SIEM, WAF, etc.
- Experience with security laws and frameworks such as SOC2, ISO 27001, HIPAA, HITRUST, FedRAMP, PCI-DSS, and others
- Knowledge of SonarQube will be an added advantage
- Must be fluent at English with strong communication skills
- Passion for solving operational technical challenges with scalable automated solutions
- Experience working in a startup or fast-paced environment is desirable