Tailored Brands, Inc.'s purpose is to help our customers love how they look. We accomplish this by providing a personal, convenient, one-of-a-kind shopping experience with compelling products and world-class service. We help fulfill this mission by providing our employees with an engaging and inclusive workplace focused on teamwork, growth and respect.
The Information Security Engineer, DevSecOps is a highly technical and creative contributor to a DevSecOps team enabling the agile development of secure and reliable web and mobile based applications.
Provide leadership, guidance, and direction in the design, develop and implement automated solutions, based on a set of standards and processes that enable our application developers to easily consume security and compliance services.
Responsible for support of and coordinating with other Engineers, Architects, and teams in implementing a comprehensive cloud and application security program in a DevOps environment.
Actively review their own and the team's work product and implement improvements seen from other teams or within the industry to drive continuous improvement of the team's efficiency, speed, and quality.
Leverage DevOps tools to build, harden, maintain and instrument a comprehensive cloud-based security orchestration platform to be consumed in product CI/CD pipelines.
Develop automated security and compliance capabilities in support of DevOps processes in a large-scale AWS cloud computing environment.
Write complex code, building infrastructure as code, work with immutable "cloud" based environments, and build the supporting automated toolsets necessary to support the secure continuous delivery pipeline.
Integrate security practices across the continuous delivery pipeline to provide a comprehensive automated cloud and application security solution from the epic definition, development, test and deploy of CB applications within our data center and Amazon.
Plan for work and be primarily a hands-on engineer that leads by doing.
Take responsibility for creating design specifications and prepare technical documentation.
Develop a solution to integrate security into the life cycle from business initiation through operational integrity
Support the development of standards by creating templates and patterns for ease of use and increase the productivity of the security program
Foster, and build a community of practice for collective learning of the security tools, practices, and systems across all disciplines.
Skills, Abilities, Experience & Qualifications
Bachelor's degree in Computer Science, Management Information Systems, Engineering, or other relevant field; or equivalent combination of education and experience required.
3-5 years' experience with extensive exposure to numerous aspects of software development, operations, CI/CD, and information security.
A minimum of 2 years' experience in DevOps automation and tooling with strong knowledge of cloud security architecture, web application security, and security engineering.
Strong experience in cloud and application security domains.
Deep understanding of Amazon Web Services (AWS) including VPC, ELB, IAM, KMS, EC2, Config, CloudTrail, CloudFormation, Lambda, and others. An AWS professional level certification is a plus.
Strong and evolving competence in one or more programming languages and technologies, working knowledge of multiple tools sets, technologies and implementation environments
Hands-on experience with scripting and coding using Python, Perl, Ruby, PHP, or PowerShell.
Proficiency with AWS CLI and SDKs.
Working knowledge of IP networking, VPNs, DNS, load balancing and firewalling
Experience building infrastructure as code using AWS CloudFormation, Terraform or similar automated techniques
Experience with Chef, Puppet, Salt, or Ansible in production environments
Experience in establishing secure software development guidelines and in performing security code and design reviews
Work Environment & Physical & Mental Demands
Ability to sit and work at a computer keyboard for extended periods of time
Ability to stoop, kneel, bend at the waist, and reach on a daily basis
Able to lift and move up to 25 pounds occasionally
Must utilize visual acuity, speech and hearing, hand and eye coordination and manual dexterity necessary to operate a computer and office equipment
Ability to work at least 40 hours per week from the Company's Houston, Texas corporate office with flexibility based on project needs
Note: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed are representative of the knowledge, skill, and/or ability required and are not intended to be an exhaustive list of all duties, responsibilities or qualifications associated with this job.