Associate Level

Sr.DevsecOps - GFK

Work Type: Full Time

Hiring for a B2B product company - Remote (SAAS)

#DevOps #TechOps #CloudOps #SIEMtechnologies #Threat modeling

Experience: 7+ years

Education: Bachelor's degree 


  • Design, build and support security tools and processes to effectively secure the organization and cloud environments
  • Develop, implement and operate controls to secure cloud-based systems
  • Responsible for full lifecycle management of all security tooling: AV, IPS, SIEM, WAF, CloudTrail, GuardDuty, VPC Flow logs, CSPM, Compliance Controls, IAM, log aggregation.
  • Build and maintain automation and integrations with security tooling for growth and scale
  • In close collaboration and partnership with Information Security leaders and engineers, develop standards, guidelines, and policies on architecture and design decisions
  • Work with various teams to ensure security is part of the build and CI\CD processes
  • Drive incident, problem management, and root cause analysis within the defined SLAs
  • Develop, monitor and respond to all alerts across the organization 
  • Ability to work independently to resolve technical & infrastructure issues reported by customers and internal teams.
  • Create documentation on run books, common troubleshooting, issue resolution, best practices and deliver trainings to other engineers on the security team
  • Partner with development teams to resolve complex issues
  • Experience in change and release management process
  • Ensure architectural security alignment with our plans for current and expanded operations using a mix of cloud SaaS.
  • Analyze the current technology environment to detect critical security deficiencies and recommend solutions
  • Plan for and respond to security issues, driving towards product resolution

Experience (Must have)

  • Experience building cloud infrastructure using automation
  • Experience with build systems/tools like Jenkins, CloudFormation, Terraform
  • Experience with securing cloud environments (AWS, Azure, & GCP)
  • Experience with SAST\DAST\IAST tooling
  • Experience with SIEM technologies and threat modeling
  • Experience with managing vulnerability management programs and remediation lifecycles
  • Experience with automation and integrations with CI\CD pipelines
  • Experience with security automation and orchestration processes
  • Experience with scripting and consuming API’s: Python, Ruby, etc
  • Experience with incident response and remediation strategies advanced knowledge of native cloud services.
  • Expert ability to identify risks in designs and communicate with key stakeholders to address the risk and drive a solution.
  • Advanced understanding of techniques and tricks used by hackers to gain entry into corporate networks.

Submit Your Application

You have successfully applied
  • You have errors in applying