Position : DevSecOps Engineer (Costa Mesa, CA or Downey, CA)

Requisition ID: : 1542

DESCRIPTION

• Must have Security experience, which is critical to this role.

• Currently not offering visa or work permit sponsorship of any kind.

Under the direction of the Information Security Manager, the DevSecOps Engineer will directly engage in delivery of projects with multi-disciplinary teams, implementing automation and security-related tooling, assists with installation and management of the security infrastructure, conducts investigations and plays a role in incident response. The DevSecOps Engineer will also be responsible for the design and development of innovative security solutions for protecting data deployed in the cloud. This role is a hands-on technical role which also requires direct communications with cross-functional teams including IT, Project Management, Development, and other Business Units.

The DevSecOps Engineer helps plan and carry out FPCU’s information security strategy. They help develop a set of security standards and best practices for the organization, and recommend security enhancements to management as needed. DevSecOps Security Engineers may be asked to provide content to educate the workforce on information security through training and awareness.

ESSENTIAL RESPONSIBILITIES:

1. Designs, develops, documents, analyzes, tests, integrates, debugs, conducts research and/or discovers and analyzes security flaws or vulnerabilities in software, networks, systems, and applications.

2. Actively participates in identifying, prioritizing, and coordinating the protection of critical cybersecurity infrastructure and key resources.

3. Assesses system security to identify and mitigate risks and vulnerabilities.

4. Supports the configuration and administration of cyber security tools and systems.

5. Tests existing and new technologies for security vulnerabilities.

6. Reviews requested changes for equipment, technology and/or other factors/trends, which are planned for deployment.

7. Be part of a team responsible for design and implementation of infrastructure and security architecture, including security groups, network firewalls, WAF and IDS.

8. Work very closely with the Development, Operations and Networking teams to craft and enforce security policy as relates to DevOps, infrastructure and more.

9. Responds to information systems security incidents and vulnerabilities including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access and policy breaches; interacts and coordinates with third-party incident responders including law enforcement.

10. Work with IT and Development to develop secure solutions to reduce attack surface.

11. Analyze and harden existing infrastructure, automation, and deployment processes.

12. Work with development teams, operations, governance, and other stakeholders to draft security standards for cloud services and implement monitoring to adhere to those standards.

13. Integrate security tools in the CI/CD process and work with development teams to mitigate findings.

14. Ensure cyber security best practices are implemented and followed. Maintains compliance with all guidelines and regulations such as FFIEC, NIST, GLBA, and any other relevant regulations.

15. Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends.

16. Ensure EMT/SMT know as much as possible, as quickly as possible about security incidents.

17. Performs other related duties as required.

EDUCATION and/or EXPERIENCE:

Bachelor’s degree in computer science or related field or equivalent technical or professional experience related to Information Security is required. Other requirements are:

• 2+ years of experience related to Cyber Security Engineering

• 5+ years of experience in a DevOps and/or a DevSecOps environment

• At least five (5) years’ experience with hands-on technical experience

• 3+ years of hands-on experience in Cloud Security, preferably in the delivery of large-scale, multi-tenant enterprise Cloud Platforms

• Working knowledge of architecture and design of solutions using cloud-based technologies or experience with Microsoft Azure, AWS, GPS or other cloud technologies

• Proficient with a variety of software development languages, tools and techniques

• Proficient with a variety of DevOps tools and techniques

• Proficient in scripting and automation tools such as PowerShell, Ansible Playbooks and Python

• Experience with Continuous Integration/Continuous Delivery (CI/CD) concepts and automated tools such as Docker, Jenkins, Rational Team Concert, JIRA, Git, Puppet, and/or Cucumber.

• Solid understanding of cyber security technologies and concepts at both the local and enterprise level

• Experience with networking (TCP/IP, topology, sockets and security), operating systems, (Windows/Linux), and web technologies (Internet security)

• Experience establishing and maintaining good working relationships in all levels of the organization, including customers, organizations, internal management, and support

• Integration, Design, Architecture of AWS or GCP services into other Security Platforms (IAM, SAML, OAuth, Okta, Ping Identity, CyberArk)

• Knowledge of software development and systems development lifecycle practices, preferably in an agile development environment

• Experience in software security testing, methodologies, and frameworks

• Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.

• Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols

• Problem solving skills and ability to work under pressure

• Strong analytical skills

• Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change

• Ability to research, analyze and resolve complex problems with minimal supervision and escalate issues as appropriate

Any combination of education, training and/or experience that fulfills the requirements of the position will be considered.

CERTIFICATES, LICENSES, REGISTRATIONS:

• Hold or be actively pursuing security-related professional certifications within the GIAC family of certifications or CISSP, CISM or CISA

• Information Systems Security Engineering Professional (ISSEP) or Information System Security Architect Professional (ISSAP)

• Certified Ethical Hacker (CEH)

• SANS/GIAC Reverse Engineering Malware (GREM)

• Certifications related to Agile development and Scaled Agile Framework (SAFe) such as Scrum Master, SAFe Agilist (SA), SAFe Practitioner (SP) or SAFe Program Consultant (SPC)

• Any Security or technical certifications and/or technical training in security software, servers, local and wide area networks.

The pay range for this position is listed above. Our pay ranges are designed to allow for candidates with various levels of experience and skill to be considered, and to allow room for growth to be achieved in a role over time. Generally, new hire salary offers fall within the minimum to midpoint of a pay range for many candidates. Any offer extended to a candidate will be based upon their individual combination of experience, knowledge, skills, and education as well as internal equity.

Financial Partners Credit Union is an equal opportunity employer and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

$93,696 - $140,544