Devsecops Engineer
Strategic Resources International Inc · Lake Forest, IL · 1 wk ago
EngineeringFull-time
Key Responsibilities
- Synthesize security practices into CI/CD pipelines using static application security testing (SAST), dynamic application security testing (DAST), software composition analysis (SCA), secrets management, and infrastructure as code (IaC) scanning.
- Conduct application security reviews, perform threat modeling, and provide remediation guidance to engineering teams.
- Harden AWS cloud infrastructure and develop security automation and internal tools.
- Triage security vulnerabilities and facilitate their resolution across various services.
Skills
- AWS Cloud security, including IAM, networking, and security guardrails, with proficiency in Python for security automation and tooling.
- Familiarity with SQL for data and log analysis.
- Experience with DevSecOps tooling such as Snyk, Checkmarx, Trivy, and Infrastructure as Code (Terraform).
- Expertise in container and Kubernetes security.
- Relevant certifications, such as AWS Security, OSCP, and CISSP.
- Experience with HITRUST, SOC 2, and HIPAA compliance standards.