Devsecops Engineer

Urban Compass Seattle , WA 98113

Posted 5 months ago

DevSecOps Engineer

You are an application security engineer who wants to get in on the ground floor of one of NYC's most exciting startups. You are passionate about security, and want to build a secure product that will revolutionize an entire industry.

You love to learn, and equally love to share your knowledge with others. You're both a listener and contributor. You are a great communicator and you take care to understand before making yourself understood.

We are looking for a security professional who is interested in working with a talented startup team in building secure, resilient, and high-performance website, mobile apps, and data services for the real estate industry. You will work with developers to make security and compliance available to be consumed as services. You will help architect secure web products, perform simulated attacks, identify weaknesses, and work with the engineers to remediate and protect our products. You will help us build security as code.

What We're Looking For:

  • 3+ years of hands-on experience performing security tests and manual pentests on web applications, mobile apps, and web services (APIs).

  • Understanding of application security vulnerabilities and remediation techniques.

  • Knowledge and hands on experience with AWS cloud infrastructure and native security services such as Inspector, GuardDuty, Web Application Firewall, Security Groups, and CloudTrail.

  • Proficiency in scripting languages such as Bash and Python.

  • Knowledge of programming languages like Java, Python, and Golang.

  • Knowledge of Linux operating system.

  • Experience and knowledge of tools to facilitate secure SDLC controls (SAST, DAST, etc.).

  • Bachelor's degree in Computer Science or Engineering or commensurate experience.

  • Professional certification such as OSCP, GWAPT, GWEB, GPEN preferred but not required.

Check out our Engineering blog!

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Devsecops Engineer

Motorola Solutions

Posted 5 months ago

VIEW JOBS 6/9/2019 12:00:00 AM 2019-09-07T00:00 This is your opportunity to use your application security skills to protect the people that protect us. We are looking for an individual that is passionate - not just about cybersecurity - but about our mission to protect public safety and first responders. You should be passionate about constantly learning, researching and building solutions to difficult problems. The Application Security Architecture team is responsible for developing the entire application security strategy across Motorola Solutions, including tooling, SDLC, guidelines and standards. You will be working closely with engineering teams to understand their technology stacks, pipelines, frameworks and products and create seamless solutions to integrate security testing and metrics. If you are passionate about cloud infrastructure, DevOps and security and want to help solve important problems at scale in a high stakes environment, this role is for you. If you are a developer or operations engineer with a strong passion and interest in security, this role is for you. If you are a security consultant or penetration tester, but want to help build and defend solutions against the attacks you've normally performed, this role is for you! Some of your responsibilities will include: * Integrating automated security tests via various tools into CI/CD pipelines * Leveraging cloud infrastructure and APIs to help gain visibility and oversight of our security posture * Investigating and POCing commercial and open-source application security tools * Developing various automation scripts, plugins and dashboards to enable application security oversight at scale * Performing research and documenting best practices on securing and implementing various technologies as we adopt them * Understanding threat models and providing actionable application security recommendations and tools for various types of applications: web, mobile, embedded, etc * Performing targeted penetration tests to assist in detection and remediation validation of vulnerabilities The applicant should also have experience with the following: * Strong familiarity with application security concepts (e.g. OWASP Top 10) * Experience with or knowledge of security testing tools such as SAST or DAST * Strongly proficient in at least one scripting language * Cursory understanding of various programming languages (i.e. ability to figure out what's going on by looking at code snippets) * Strong ability to learn and research new things, including tools, languages, frameworks, etc. * Strong communication skills and the ability to present security concepts to non-technical audiences * Familiarity with DevOps practices, including CI/CD pipelines and tools (e.g. Jenkins) * Familiarity with containers and orchestration, esp. Kubernetes * Familiarity with cloud security concepts, esp. Azure This is your opportunity to help shape the application security landscape for products that directly impact people's lives, every single day. Motorola Solutions Seattle WA

Devsecops Engineer

Urban Compass