Jobs · Engineering · Colorado

Senior DevSecOps Engineer

Generac · Denver, CO · 1 wk ago
On-siteEngineering$145k/yrFull-time

Responsibilities

  • Cloud Security Architecture Design and implement secure-by-default cloud infrastructure to handle data transmitted from IoT devices and between cloud services.
  • Develop secure mechanisms for data storage and processing, including encryption and secure authentication frameworks to support the confidentiality, integrity and availability of data.
  • Enable the provisioning of secure cloud infrastructure through the development of infrastructure as code (Iac) modules which align with security best practices and industry regulations.
  • Secure Cloud Communication And Data Handling
    • Ensure all data transmitted from IoT devices to the industrial cloud is encrypted and securely handled.
    • Implement network-level security measures to protect cloud infrastructure from threats like man-in-the-middle attacks, DDoS, and unauthorized access.
    • Develop security protocols for managing data at rest and in transit across cloud services, ensuring compliance with industry standards.
  • Cloud Integration And Security Controls
    • Oversee the integration of various cloud services to ensure secure data ingestion, storage, and processing.
    • Implement and maintain secure access control mechanisms, ensuring only authorized systems and personnel can interact with cloud-based data.
    • Manage secure API connections and authentication methods between cloud systems and other enterprise services.
  • Cloud Security Compliance And Auditing
    • Ensure the industrial cloud infrastructure complies with security standards such as ISO 27001 and ongoing compliance through regular audits and assessments.
    • Conduct vulnerability assessments and security reviews of the cloud environment to identify and address potential risks.
  • Threat Modeling And Vulnerability Management
    • Perform threat modeling and vulnerability assessments to identify potential attack vectors within the cloud infrastructure.
    • Implement security monitoring and alerting systems to detect and respond to potential threats or unauthorized activities in real-time.
  • Cross-functional Collaboration
    • Collaborate with cloud engineers, network security teams, DevOps and other DevSecOps engineers to ensure security is integrated throughout the cloud infrastructure and software development lifecycles.
    • Provide mentoring on secure cloud infrastructure design, development, and maintenance to align with security best practices and industry regulations.
    • Lead security awareness and training programs for teams involved in managing Generac’s industrial cloud infrastructure.

    Requirements

    • B.S. in Computer Science, Cybersecurity, Engineering or equivalent years of work experience.
    • 5+ years of experience in cloud security, with a focus on securing cloud infrastructure for data processing and storage.

    Preferred Qualifications

    • Strong understanding of cloud security, identity management, secure communication protocols (e.g., TLS), and data encryption.
    • Proven experience working with public cloud platforms (e.g., AWS, Azure, Google Cloud) to secure cloud environments and services.
    • Experience with SAST/DAST tools, container security and vulnerability management.
    • Knowledge of ISO 27001 compliance requirements for cloud environments.
    • Experience with infrastructure as code, preferably Terraform.
    • Certifications such as CISSP, CCSP, GCSA or cloud-specific security or automation certifications are highly desirable.

    Benefits

    • Comprehensive benefit package that includes medical, dental and vision plans; life, long-term disability, flexible spending and health savings accounts, accrued paid time off, paid Holidays and 401(k)/RRSP retirement benefits.

Similar jobs

Senior DevSecOps Engineer

Capital GroupCharlotte, NC· 1 wk ago
Engineering$137k–$219k/yrapply on capgroup.wd1.myworkdayjobs.com