Development Security & Operations Engineer
Seaboard Marine · Miami, FL · 3 mo ago
On-siteEngineeringFull-time
About the role
The development, security, and operations (DevSecOps) Engineer plays a critical role in ensuring that security is integrated into every phase of the software development lifecycle (SDLC). This position requires a deep understanding of security principles, practices, and tools, as well as proficiency in programming languages and automation tasks.
Responsibilities
- Implement and maintain security tools and practices within the CI/CD pipeline.
- Conduct regular security assessments and vulnerability testing to identify and mitigate risks.
- Collaborate with software developers to incorporate secure coding practices.
- Use tools to automate scans, code verification, and other security tasks.
- Automate security processes to ensure seamless integration into the development workflow.
- Monitor and respond to security incidents, ensuring rapid and effective resolution.
- Stay updated with the latest security threats and trends and advise on necessary updates or changes to security protocols.
- Work with cloud-based infrastructures, ensuring they are securely configured and compliant with industry standards.
- Promote a culture of security awareness across the organization.
Qualifications
- Required: Bachelor’s degree in Computer Science, Information Security, or a related field, or a minimum of 10 years’ experience in cybersecurity and/or development.
- Proven experience in a DevOps, cybersecurity, or related role.
- Proficiency in programming languages such as Python, Java, or Ruby, and scripting languages for automation tasks.
- Familiarity with CI/CD tools, container orchestration, and infrastructure as code (IaC) tools.
- A strong understanding of security principles, practices, and tools, including threat modeling, risk management, security protocols, encryption technologies, and vulnerability assessment.
- Understanding of risk assessment techniques and security best practices.
- Skills in securing cloud environments, including experience with cloud service providers like Azure and AWS and understanding of cloud-native security tools and practices.
- Knowledge of system administration is crucial for securing the underlying infrastructure.
- Awareness of legal and regulatory requirements related to information security, such as GDPR, HIPAA, and SOC 2.
- Ability to identify security issues and vulnerabilities and develop effective and efficient solutions or mitigations.
- Strong communication skills to effectively collaborate with development, operations, and business teams, and to promote a culture of security awareness.
- Commitment to staying updated with the latest security trends, threats, and technologies, and the willingness to continuously learn and adapt.
- Skills in handling security breaches and incidents, including the ability to lead or participate in incident response efforts.
Physical Requirements
- Continuous sitting and using fingers.
- Frequent talking and hearing.
- Frequent standing and walking.
- Occasional lifting and moving up to 10 pounds.
Conditions
- Work is performed primarily in the office.
- The noise level in the work environment is usually quiet to moderate when work is performed in the office environment.