$80K — $100K *
As a member of the Vistra Security Architecture Team, the DevSecOps Engineer will work with agile teams to ensure security is considered throughout development through the implementation of automated guardrails and security test. They will assist in design and drive development of security testing and validation into automated tools and pipelines. They will serve as the technical liaison between the Enterprise Security Architect and the Engineering teams. Individuals within this role will specialize in the security disciplines related to automation of security controls, and ideally would have experience or expertise in DevOps.
•Provides advanced technical support to integrate security and compliance requirements into all enterprise technology systems and projects as part of the SDLC process by working closely with various other company architects and application teams.•Creates and maintains standards and documentation related to security processes, procedures and infrastructure.•Assesses current applications and architecture to determine methods for automating security testing and control validation.•Executes plans for implementing management directives in most secure manners with automation.•Provides security guidance and requirements to various technology teams on methods for driving security into every aspect of the established SDLC.•Works closely with cross-functional teams as a subject matter expert for security standards and advises/contributes to development as needed.
•BS or BA degree in business or information systems related fields, with an emphasis in information technology or cyber security•0 - 2 years of dedicated information security experience OR 0 - 2 years of information technology administration experience •Experience designing/implementing security controls in AWS and/or Azure•Experience with automating processes and/or security controls•Familiarity with DevOps, DevSecOps, and Agile SDLC methodologies•Advanced and proven knowledge of security concepts (CISSP, CISA, CISM, GPEN, GWAPT, GCIH, other GIAC certifications, OSCP, CEH, PCNSE, etc.)
•Enhances security team accomplishments and competence by planning delivery of solutions, answering technical and procedural questions for less experienced team members, teaching improved processes, mentoring team members•Plans security systems by evaluating network and security technologies, developing network requirements for networks and related security and network devices, implements public key infrastructure configurations (PKIs), including use of certification authorities (CAs) and digital signatures•Adheres to industry guidelines, best practices, and approved standards•Prepares system security reports by collecting, analyzing, and summarizing data and trends.•Automates everyday and/or repeatable tasks, including security control enforcement•Enhances department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.
We are a company of people committed to: Exceeding Customer Expectations, Great People, Teamwork, Competitive Spirit and Effective Communication. If this describes you, then you will have a good career here!
Valid through: 11/19/2020
$80K — $100K
12 days ago