DevOps Security Engineer

New York, New York Permanent USD180,000 - USD260,000 per year Hybrid working View Job Description
A client is looking for a Devops Security Engineer who will collaborate with the DevOps team to create and manage a comprehensive DevSecOps framework that integrates security tools into the CI/CD workflows, enhancing the developer experience. They will promote a security-first mindset within the development team by advocating for secure coding practices and offering guidance on secure development methodologies.
  • A full time opportunity with an established company in financial services.
  • Competitive salary, benefits and room for growth

About Our Client

The client is an established financial services firm.

Job Description

  • Develop security-focused DevSecOps policies and provide training and awareness to the development team.
  • Create Key Risk Indicators (KRIs) to monitor security posture, track progress, and identify outliers across business lines.
  • Implement security testing tools and processes in the CI/CD pipeline, including SAST, DAST, SCA, and OSS.
  • Collaborate with the DevOps team to automate security controls and compliance checks, ensuring adherence to best practices and regulations.
  • Troubleshoot security issues throughout the software development lifecycle and stay updated on emerging threats and best practices.



MPI does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, disability, veteran status, marital status, or based on an individual's status in any group or class protected by applicable federal, state or local law. MPI encourages applications from minorities, women, the disabled, protected veterans and all other qualified applicants.

The Successful Applicant

  • 7-10 years of experience in software development, DevOps, or security engineering with a focus on DevSecOps practices.
  • Must come from a background in the financial services industry.
  • Expertise in CI/CD tools such as GitHub, Jenkins, GitLab CI/CD, and Azure DevOps.
  • Proficient in infrastructure-as-code tools like Terraform or CloudFormation, and skilled in scripting languages such as Python or Bash.
  • Experienced with security testing tools like SonarQube, SNYK, Nessus, and Qualys, and familiar with containerization technologies like Docker and Kubernetes.
  • Knowledgeable in security best practices for cloud environments and compliance standards, with strong communication, problem-solving skills, and a commitment to ethical standards.



What's on Offer

A full time opportunity with competitive base salary and room for growth in an established firm.

Contact
Hannah Nagle
Quote job ref
JN-092024-6541994

Job summary

Sector
Information Technology
Sub Sector
IT Development
Industry
Financial Services
Location
New York
Contract Type
Permanent
Consultant name
Hannah Nagle
Job Reference
JN-092024-6541994
Job Nature
Hybrid working