Sr. Staff Engineer DevSecOps
Sierra Wireless
Responsibilities:
DevSecOps Strategy:
Implement the Semtech DevSecOps strategy to integrate security seamlessly into the software development lifecycle.
Collaborate with cross-functional teams to establish and maintain secure coding standards, continuous integration, and continuous delivery pipelines.
DevSecOps Planning:
Establish clear project security goals and objectives, defining and prioritizing security requirements to align with organizational objectives.
Identify and assess potential security risks and threats, developing a comprehensive threat model for the application.
Set up a robust security governance structure within the project, implementing a security architecture plan and documenting all aspects of the planning process for future reference.
Security Automation:
Evaluate, implement, and manage security tools and technologies within the DevOps toolchain to automate security testing, vulnerability scanning, and compliance checks.
Ensure the tools are effectively utilized to identify and remediate security vulnerabilities early in the development process.
Drive the automation of security controls and processes to enhance efficiency and reduce manual intervention.
Implement automated security testing, code analysis, and deployment validation to maintain a high level of security without impeding development velocity.
Develop and maintain automated security processes for infrastructure as code (IaC) deployments.
Operations & Monitor:
Maintain an incident response plan specific to DevOps processes, ensuring rapid identification, containment, eradication, and recovery from security incidents.
Collaborate with incident response teams to integrate DevOps-related incidents into the overall organizational response plan.
Implement security monitoring and adhere to incident response procedures to detect and respond swiftly to security incidents.
Set up automated log and event monitoring, continuously updating and patching all components across production, pre-production, and development environments to minimize vulnerabilities.
Monitor all environments (Prod, Pre-Prod, Dev) for security events.
Review and update access controls, permissions, and security policies regularly, documenting all monitoring practices for reference and improvement.
Working closely with DevOps to update and patch all components in all environments to address known vulnerabilities and enhance overall security
Continuous Learning:
Stay current with industry trends, emerging threats, and security technologies.
Implement a culture of continuous learning within the team, encouraging certifications, training, and knowledge sharing.
Minimum Qualifications:
Bachelor's degree in computer science, information technology, or a related field (master's degree preferred).
Extensive experience in cloud architecture and strategy with a proven track record of successful cloud adoption.
Proven experience as a DevSecOps Engineer in AWS cloud environments.
Strong understanding of cloud security principles and best practices.
Hands-on experience with security tools such as AWS Security Hub, WAF, and third-party security solutions.
Proficiency in scripting and automation languages (e.g., Python, Shell, PowerShell).
Experience with CI/CD tools and practices such as GitHub actions, Chef, Anisble, Salt, Puppet,etc.
Knowledge of containerization and orchestration technologies (e.g., Docker, Kubernetes).
Certifications: AWS Certified Security – Specialty, Certified DevOps Engineer, or Certified Information Systems Security Professional (CISSP).
Strong analytical and problem-solving skills.