OpenLoop
Powering superior telehealth from end-to-end. #HealingAnywhere
Staff Security Engineer – DevOps Integrations
Location
United States
Posted
1 day ago
Salary
Not specified
Seniority
Lead
Bachelor Degree7 yrs expEnglishAWSCloudDockerGoogle Cloud PlatformKubernetes
Job Description
• Build relationships with developers and stakeholders to incorporate security principles into engineering design and deployments.
• Supervise validation in security controls and testing across projects, using SAST, DAST, IAST and RASP tools, documenting any security findings, outlining remediation options and overseeing mitigation.
• Oversee implementation of defensive practices and countermeasures across infrastructure and applications.
• Draft and uphold CI/CD security strategy and practices in tandem with other technical team leads.
• Lead continuous product and application security reviews, focused on secure development practices, threat modeling, vulnerability management, architecture and application security design.
• Ensure security principles and validations are consistently implemented throughout the CI/CD pipeline by embedding robust, security-focused practices into all automation processes.
• Attend and participate in product meetings addressing security requirements for new and existing products.
• Build services and tools to enable developers and engineers to use security components successfully.
• Simplify automation that applies security inter-workings with CI/CD pipelines.
• Support the ability to “shift left” and incorporate security early on and throughout the development lifecycle.
• Communicate vulnerability results to both technical and non-technical stakeholders, focused on risk tolerance and threat to the business, in order to gain support through influential messaging.
• Leverage vulnerability database sources to understand the weakness, probability and remediation options supplied by vendors.
• Join forces and provision security principles in architecture, infrastructure and code.
• Regularly research and learn new tactics, techniques and procedures (TTPs).
• Partner with teams to define key performance indicators (KPIs) and metrics across business units.
• Ensure regulatory compliance (e.g., PCI, HIPAA, HITRUST, NIST CSF) through effective security controls and processes.
• Other duties as assigned.
Job Requirements
- Bachelor's degree in computer science (preferred), information assurance, MIS or related field, or equivalent.
- 7+ years of security and systems administration-related experience, to include 3+ years of related cloud and security engineering experience
- Experience with operations and security across Amazon Web Services (AWS) and/or Google Cloud Platform (GCP).
- Experience with agile workflows, including Scrum and Kanban.
- Understanding of containers (e.g., Docker) and container orchestration (e.g., Docker Swarm, Kubernetes).
- Proficient in securing Windows and *nix operating systems, endpoint applications, networking protocols and devices.
- Understanding of OWASP, CVSS, the MITRE ATT&CK framework and (SLDC).
- Knowledge of Payment Card Industry (PCI), Health Information Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), National Institute of Standards (NIST) or International Standards Organization (ISO) requirements.
- Experience in healthcare or digital health is a plus.
Benefits
- Health insurance
- Flexible work arrangements
- Professional development opportunities
Related Guides
Related Categories
Related Job Pages
More DevOps Engineer Jobs
DevOps Engineer1 day ago
Full TimeRemoteTeam 201-500Since 2003
Meanstack Architect with DevOps expertise designing and deploying applications
AngularAWSAzureCloudDockerJavaScriptKubernetesMicroservicesMongoDBNode.js
DevOps Engineer1 day ago
Full TimeRemoteTeam 51-200H1B No Sponsor
We are hiring on behalf of our client, a high-growth software company supporting the development of a premier open-source, EVM-compatible public ledger built for global enterprise and Web3 use cases. They are currently hiring a Senior Site Reliability Engineer for their "greenfie...
AWSGCPKubernetesTerraformHelmGitOpsArgoCDCI/CDSREIaCEKSGKEAKSZero TrustVaultSOC 2HIPAANISTMulti-cloudDisaster Recovery
United States + 42 moreAll locations: United States, United Kingdom, Germany, France, Estonia, Portugal, Hungary, Poland, Ukraine, Romania, Bulgaria, Czech Republic, Slovakia, Belarus, Moldova, Republic Of, Sweden, Greece, Belgium, Italy, Ireland, Switzerland, Netherlands, Finland, Malta, Denmark, Lithuania, Croatia, Spain, Austria, Bosnia And Herzegovina, Iceland, Luxembourg, Macedonia, The Former Yugoslav Republic Of, Montenegro, Norway, Serbia, Slovenia, Albania, Cyprus, Latvia, Monaco
DevOps Engineer1 day ago
RemoteTeam 51-200H1B No Sponsor
Senior Site Reliability Engineer (Enterprise Platform)Location: Remote - US - Open to Europe if happy to overlap with ESTCompensation: CompetitiveWe are hiring on behalf of our client, a high-growth software company supporting the development of a prem...
TerraformKubernetesHelmGitOpsArgoCDCI/CDAWSGKEEKSAKSInfrastructure as CodeSite Reliability EngineeringDistributed SystemsMulti-region ArchitectureObservabilitySLOSLAMTTRBlue/Green DeploymentCanary Deployment
United States
DevOps Engineer1 day ago
Full TimeRemoteTeam 1-10H1B No Sponsor
DevOps Software Engineer at Auralis Group, remote work with enterprise clients
AWSAzureCloudFluxGoogle Cloud PlatformKubernetesPythonTerraformGo
