Information Security Devsecops Engineer

Tailored Brands Fremont , CA 94537

Posted 8 months ago

Tailored Brands, Inc.'s purpose is to help our customers love how they look. We accomplish this by providing a personal, convenient, one-of-a-kind shopping experience with compelling products and world-class service. We help fulfill this mission by providing our employees with an engaging and inclusive workplace focused on teamwork, growth and respect.

The Information Security Engineer, DevSecOps is a highly technical and creative contributor to a DevSecOps team enabling the agile development of secure and reliable web and mobile based applications.

Key Accountabilities

  • Provide leadership, guidance, and direction in the design, develop and implement automated solutions, based on a set of standards and processes that enable our application developers to easily consume security and compliance services.

  • Responsible for support of and coordinating with other Engineers, Architects, and teams in implementing a comprehensive cloud and application security program in a DevOps environment.

  • Actively review their own and the team's work product and implement improvements seen from other teams or within the industry to drive continuous improvement of the team's efficiency, speed, and quality.

  • Leverage DevOps tools to build, harden, maintain and instrument a comprehensive cloud-based security orchestration platform to be consumed in product CI/CD pipelines.

  • Develop automated security and compliance capabilities in support of DevOps processes in a large-scale AWS cloud computing environment.

  • Write complex code, building infrastructure as code, work with immutable "cloud" based environments, and build the supporting automated toolsets necessary to support the secure continuous delivery pipeline.

  • Integrate security practices across the continuous delivery pipeline to provide a comprehensive automated cloud and application security solution from the epic definition, development, test and deploy of CB applications within our data center and Amazon.

  • Plan for work and be primarily a hands-on engineer that leads by doing.

  • Take responsibility for creating design specifications and prepare technical documentation.

  • Develop a solution to integrate security into the life cycle from business initiation through operational integrity

  • Support the development of standards by creating templates and patterns for ease of use and increase the productivity of the security program

  • Foster, and build a community of practice for collective learning of the security tools, practices, and systems across all disciplines.

Skills, Abilities, Experience & Qualifications

  • Bachelor's degree in Computer Science, Management Information Systems, Engineering, or other relevant field; or equivalent combination of education and experience required.

  • 3-5 years' experience with extensive exposure to numerous aspects of software development, operations, CI/CD, and information security.

  • A minimum of 2 years' experience in DevOps automation and tooling with strong knowledge of cloud security architecture, web application security, and security engineering.

  • Strong experience in cloud and application security domains.

  • Deep understanding of Amazon Web Services (AWS) including VPC, ELB, IAM, KMS, EC2, Config, CloudTrail, CloudFormation, Lambda, and others. An AWS professional level certification is a plus.

  • Strong and evolving competence in one or more programming languages and technologies, working knowledge of multiple tools sets, technologies and implementation environments

  • Hands-on experience with scripting and coding using Python, Perl, Ruby, PHP, or PowerShell.

  • Proficiency with AWS CLI and SDKs.

  • Working knowledge of IP networking, VPNs, DNS, load balancing and firewalling

  • Experience building infrastructure as code using AWS CloudFormation, Terraform or similar automated techniques

  • Experience with Chef, Puppet, Salt, or Ansible in production environments

  • Experience in establishing secure software development guidelines and in performing security code and design reviews

Work Environment & Physical & Mental Demands

  • Ability to sit and work at a computer keyboard for extended periods of time

  • Ability to stoop, kneel, bend at the waist, and reach on a daily basis

  • Able to lift and move up to 25 pounds occasionally

  • Must utilize visual acuity, speech and hearing, hand and eye coordination and manual dexterity necessary to operate a computer and office equipment

  • Ability to work at least 40 hours per week from the Company's Houston, Texas corporate office with flexibility based on project needs

#TBIndeed

#LI-AS1

Note: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed are representative of the knowledge, skill, and/or ability required and are not intended to be an exhaustive list of all duties, responsibilities or qualifications associated with this job.


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Data Center Engineering Specialist Infrastructure Information Security

Facebook

Posted 5 days ago

VIEW JOBS 11/11/2019 12:00:00 AM 2020-02-09T00:00 Facebook is seeking a forward thinking experienced Information Security professional to join our Data Center Site Operations team. Our data centers, and the tens of thousands of servers installed in them, are the foundation upon which our rapidly scaling infrastructure efficiently operates and upon which our innovative services are delivered. Facebook is at the leading edge of the global data center industry both in terms of how data centers are designed and operated. This person should enjoy working in a fast-paced environment where adaptability and flexibility will be key to their success. This position is full-time and will be based in Fremont, California. We seek an Information Security professional with advanced, hands-on technical skills in designing, supporting, and assessing compliance-related controls and procedures (ideally in a Data Center environment). The successful candidate should have deep knowledge and experience in at least one of the following core areas: Information Security, risk assessment/mitigation, common security standards (NIST/ISO/PCI-DSS). RESPONSIBILITIES * Drive cross-functional team initiatives to perform physical and logical information security risk assessments Identify improvements to processes and workflows, related to physical data protection Evaluate existing and new technologies, advise on security standards for infrastructure technology projects and supporting procedures Lead work investigating complex technical matters on a scale beyond the individual Data Center site, and spanning multiple disciplines such as Storage technologies, data destruction methodologies, and workflow integration Find opportunities to globally improve and innovate in key areas such as data destruction, repair and decommissioning workflows Leverage existing metrics and define exceptions to implement process improvements and controls at scale Collaborate with Information Security and compliance to validate that processes and procedures align with program requirements Serve as an expert in issues related to media chain of custody within the Data Center space, and escalate issues related to infrastructure, incident management or capacity planning, as appropriate Perform and present root cause analyses and after action assessments Provide guidance to and mentor technical leads and be the go-to technical resource for Information Security issues in the Site Operations team Build cross functional relationships, influence policies and procedures to improve global data center operations Ability to travel up to 30% required MINIMUM QUALIFICATIONS * BS, BEng or BA in technical field or commensurate experience 7+ years of Information Security experience Experience analyzing complex workflows and support/enhance requirements-based Information Security controls within the Data Centers Knowledge in supply chain, logistics and asset management in a Data Center environment Experience managing multiple projects within the same time schedule, possessing excellent time and project management skills Comfortable working individually as well as in small and large groups on a regular basis Communication experience PREFERRED QUALIFICATIONS * CISSP, CISA, GIAC-GSNA, or GIAC-GCCC Experience participating in complex, data protection projects in an enterprise, data center environment Experience with data center environment Facebook is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at accommodations-ext@fb.com. Facebook Fremont CA

Information Security Devsecops Engineer

Tailored Brands