Principal DevSecOps Engineer - R0008116

• Partnering with varied technical and business unit teams in assessing security vulnerabilities and being responsible for driving items to closure and policy adherence 

• Providing mentorship and technical guidance to team members  

• Joining with key stakeholders to establish technical direction and negotiate technical decision points to drive innovative solutions   

• Contribute to reusable automation scripts, libraries, services, and tools to increase system and process efficiencies. 

• Build automation leveraging CI/CD processes, automated testing, unit testing, code coverage and other software development best practices in both public and private cloud technologies 

• Collaborate with others to promote, design and create tactical and strategic plans to look for innovative ways to improve the vulnerability management program 

• Drive technical design and validation, while ensuring implementation aligns with our technical strategies and strategic business goals  

• Partnering with the security teams and tools to continually review and understand new industry security threats, associated technologies and quickly addressing vulnerabilities 

What we'll want you to have:  

You are either a security interested engineer who has been working in agile software development, or a development interested security practitioner with coding skills who understands security best practices but wants to get closer to development and engineering. 

• B.S. in Computer Science, Engineering or equivalent work experience required  

• 6+ years of experience with common web technologies required – Javascript, C#, .NET, HTML, AJAX or other equivalent Object-Oriented language or implementation of cloud technologies (Microsoft Azure) and an understanding of SAAS, PAAS, and IAAS models  

•  Experience leading small to medium size projects with ownership of project from conception to operationalization  

• Experience with vulnerability and patch assessment including good understanding of Windows and Linux patching, vulnerability scoring systems as well as other various commercial offerings for application security testing and analysis. 

• Experience partnering with development and systems engineers on impactful security initiatives.  

• Understand DevSecOps cultural mindsets, and an engineering focused approach to solving complex security problems   

• Experience building high performance, scalable, robust, 24x7 environments and/or applications   

• Experience creating scripts or automation, such as Perl, PowerShell, Python, TCL/TK, Ruby or similar for cloud orchestration required (PowerShell preferred)