DevSecOps Engineer
Dallas, TX, US, 75254
Southern Glazer's Wine & Spirits
Southern Glazer's is the premier beverage distributor for wines, spirits, beer, and non-alcoholic products in the U.S. and Canada.What You Need To Know
Open the door to a groundbreaking tech career with an industry leader. Southern Glazer’s Wine & Spirits is North America’s preeminent wine and spirits distributor, as well as a family-owned, privately held company with a 50+ year legacy of success. To create a new era in alcohol beverage sales and service, we’re heavily invested in the most transformative new technologies – and the most brilliant tech professionals. Southern Glazer’s was named by Newsweek as a Most Loved Workplace and is included on the Forbes lists for Largest Private Companies and Best Employers for Diversity.
As a full-time employee, you can choose from a full menu of our Top Shelf Benefits, including comprehensive medical and prescription drug coverage, dental and vision plans, tax-saving Flexible Spending Accounts, disability coverage, life insurance plans, and a 401(k) plan. We also offer tuition reimbursement, a wellness program, parental leave, vacation accrual, paid sick leave, and more.
We offer continuous learning and career growth in a fast-paced environment where you are respected, your voice is heard, and technology is part of our strategy for success. If you’re looking to fill your glass with opportunity, come join our FAMILY.
Overview
As a DevSecOps Engineer, you will play a pivotal role in shaping our software development lifecycle by integrating security practices seamlessly into our processes. Your technical expertise and leadership will drive the implementation of robust CICD (Continuous Integration and Continuous Deployment) patterns while adhering to industry standards and policies. You’ll collaborate with cross-functional teams, ensuring that our applications are secure, reliable, and efficiently deployed. Here’s an overview of your responsibilities:
Specialized Skills and Technologies
- Github
- Kubernetes
- Docker
- Terraform
- Helm
- Prisma Cloud / SonarQube
- Any CICD Tool
Primary Responsibilities
- Implement secure, scalable solutions to address infrastructure and security requirements.
- Manage DevSecOps practices, integrating security seamlessly into the SDLC with tools like SAST/DAST solutions and Infrastructure as Code (IaC) scanning (e.g., Prisma Cloud, SonarQube).
- Identify and implement opportunities for pipeline automation and optimization, driving efficiency and speed.
- Embrace Infrastructure as Code (IaC) using tools like Terraform and Kubernetes to automate and manage multi-cloud deployments (e.g.: AWS, Azure).
- Manage containerization tools like Docker and Helm 3 for efficient application packaging and deployment.
- Maintain artifact management solutions for secure storage and distribution (e.g., Artifactory, Nexus.)
- Maintain robust monitoring solutions (e.g., Prometheus, Grafana) to gain deep insights into application and infrastructure health.
- Integrate and leverage a SIEM tool (Splunk or similar) to collect, analyze, and correlate security-related data from various sources for advanced threat detection and incident response.
- Possess understanding of web server configuration and management (e.g., Apache, Nginx) for optimal performance and security.
- Basic foundation experience in Unix/Linux administration, including scripting (Bash), user and permission management, and system troubleshooting.
- Foster a collaborative environment, working closely with development, security, and operations teams to ensure seamless software delivery.
- Stay ahead of the curve by researching and integrating the latest DevSecOps trends and methodologies.
- Share your expertise through internal training and knowledge sharing sessions.
- Develop and maintain clear documentation for DevSecOps processes and tools, ensuring consistency and knowledge transfer.
- Troubleshoot and resolve issues within the CI/CD pipeline and cloud deployments.
- Keep incident tracking tools updated and document discoveries and concerns.
- Champion agile methodologies within the DevSecOps workflow, ensuring continuous integration, delivery, and feedback loops.
- Align with Systems/Software Development Life Cycle (SDLC) processes and industry-standard service management principles (such as ITIL).
Preferred Qualifications
- Possess industry certification(s) in Azure
Minimum Qualifications
- Bachelor’s degree in Computer Science or Information Technology field
- 3+ years of experience in DevSecOps principles and practices.
- Hands on experience in implementing secure, automated CI/CD pipelines with modern tools (GitOps, GutHub Actions etc.)
- Understanding of Infrastructure as Code (IaC) tools (Terraform, Kubernetes) and multi-cloud environments (AWS, Azure, GCP).
- Understanding knowledge of containerization technologies (Docker, Helm 3).
- Experience with next-generation artifact management solutions (Artifactory, JFrog).
- Experience integrating security best practices and tools (SAST/DAST, IaC scanning) into the SDLC.
- Familiarity with API Security, Container Security, and AWS Cloud Security.
- Knowledge of Prisma Cloud, SIEM, SOC, Nessus, CrowdStrike, or similar services.
- Excellent verbal/written communication, collaboration, and problem-solving skills.
- Ability to thrive in a last-paced, dynamic environment.
- Strong scripting skills (Python, Go, Bash).
- Delivers Results
- Ability to analyze and solve problems
- Strong attention to detail
Agile Delivery Values
- Openness – Team and stakeholders agree to be open about all work and challenges
- Commitment – Personally commit to achieving the goals of the team
- Respect – Respect your team members to be capable and independent
- Courage – You have courage to do the right thing and work on tough problems
- Focus – Everyone focus on the work in the sprint and the goal of the scrum team. Rise and fall as a team
Physical Demands
- Physical demands include a considerable amount of time sitting and typing/keyboarding, using a computer (e.g., keyboard, mouse, and monitor), or mobile device
- Physical demands with activity or condition may occasionally include walking, bending, reaching, standing, squatting, and stooping
- May require occasional lifting/lowering, pushing, carrying, or pulling up to 20lbs
EEO Statement
Southern Glazer's Wine and Spirits, an Affirmative Action/EEO employer, prohibits discrimination and harassment of any type and provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. Southern Glazer's Wine and Spirits provides competitive compensation based on estimated performance level consistent with the past relevant experience, knowledge, skills, abilities and education of employees. Unless otherwise expressly stated, any pay ranges posted here are estimates from outside of Southern Glazer's Wine and Spirits and do not reflect Southern Glazer's pay bands or ranges.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile APIs Automation AWS Azure Bash CI/CD Cloud Computer Science CrowdStrike DAST DevSecOps Docker GCP GitHub Grafana Helm Incident response ITIL Kubernetes Linux Monitoring Nessus Nginx Prometheus Python SAST Scripting Scrum SDLC SIEM SOC SonarQube Splunk Strategy Terraform Threat detection UNIX
Perks/benefits: Career development Competitive pay Flex hours Flex vacation Health care Insurance Medical leave Parental leave Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs