Senior Security Engineer / DevSecOps Engineer

Job Description Do you want to be a direct contributor in a company that is an innovation leader and has the awards to prove it?

The client we are working with is a premier customer relationship management (CRM) and internet marketing company that connects automotive dealerships to customers in innovative, award-winning ways.

They are looking to bring on a Sr. Security Engineer. You would be a member of the DevSecOps team with a focus on companywide security initiatives, to include technical work, policy writing, and occasional communications with vendors and customers. This is a team lead role for the Security team with 1 direct report; 80% of the role is functioning as an individual contributor.

Responsibilities:

• Document and maintain security policies that span infrastructure, software development practices, security incident management, and safe practices for all employees.
• Audit security compliance on an adhoc and recurring basis.
• Implement security training for employees on an annual basis and during new hire onboarding.
• Provide technical security training and advise engineering teams on preventative security practices that include infrastructure, code, access controls, etc.
• Coordinate penetration testing through an independent 3rd party and provide internal penetration testing more frequently as need.
• Coordinate penetration testing with a 3rd party at least annually.
• Establish, maintain, investigate, and resolve security alerts.
• Implement security improvements, individually and by guiding other teams.
• Participate in meetings with internal teams, legal, vendors, and customers as a security expert.
• Answer written and verbal inquiries from vendors and customers about security practices.
• Participate in DevOps tasks as needed in the areas of infrastructure and CI/CD.

This is a full time direct hire remote opportunity. Required Skills & Experience

• Senior level expertise integrating AWS with a strong security skillset – any work with Trust Advisor, Lacework, and/or Burp tools.
• 8+ years of experience.
• Demonstrate senior-level expertise in most of the following areas: AWS; SDLC processes; industry-leading security practices; security scanning and penetration tools; and automated and manual approaches to mitigating security threads.
• Hands-on experience supporting complex applications in a production environment.
• Working knowledge of DevOps best practices and tools.
• A data-driven approach to problem solving and communications.
• Ability to balance multiple assignments in a fast-paced environment.
• Exceptional communication, problem solving, and analytical skills is a must.

What You Will Be Doing Daily Responsibilities

• 80% Hands On- Individual contributor
• 20% Leadership, team collaboration, occasional communication with customers/vendors

The Offer

• Competitive salary + benefits + profit sharing in year 2 of employment

You will receive the following benefits:

• Competitive salary
• Remote work opportunity
• Profit sharing plan
• Health, Vision, and Dental Insurance (eligible on day 1)
• 401K with matching up to 4%
• 9 company holidays + 15 vacation days in first year
• Ample professional growth opportunities
• Pluralsight subscription

Applicants must be currently authorized to work in the US on a full-time basis now and in the future.
*Not a C2C eligible opportunity. 

#LI-JF3