DevSecOps Engineer

Material Bank is a fast-paced, high-growth technology company and created the world's largest material marketplace for the Architecture and Design industry, providing the fastest and most powerful way to start and manage a design project.  Learn more about us at www.materialbank.com or see below.

--

The DevSecOps Engineer supports continuous integration and continuous deployment (CI/CD) initiatives and is an integrated team member working with software developers, system engineers, cybersecurity engineers and systems administrators.  The DevSecOps Engineer acts as a liaison with Software Development and Development Operations (DevOps) to understand strategy, execution and production support.  The role is heavily security-focused and ingrained in the CI/CD pipeline automation to deliver security principles and validation at all times.

What you’ll do:

• Assist in the development and implementation of CI/CD security strategy and practices in tandem with other technical team leads.
• Build relationships with developers, stakeholders and scrum masters to incorporate security principles into engineering design and deployments.
• Build services and tools to enable developers and engineers to easily use security components produced by application security team members.
• Enrich DevOps architecture with security standards, best practices and automations.
• Serve as a point of contact for security-based escalations and remain tightly involved through resolution.
• In-depth understanding of TCP/IP, computer networking, routing and switching
• Solid experience with firewall and intrusion detection/prevention protocols
• Influence secure API development standards and implementations across multiple platforms.
• Define security testing strategy and implement technologies and processes to support the strategy.
• Coordinate ethical hacking & penetration testing exercises
• Supervise testing and validation in application security controls across projects.
• Build services and tools to enable developers and engineers to easily use security components produced by application security team members.
• Simplify automation that applies security inter-workings with CI/CD pipelines.
• Support the ability to “shift left” and incorporate security early on and throughout the development lifecycle.
• Identify vulnerabilities in code through automated and manual assessments, and promote quick remediation.
• Partner with teams to define key performance indicators (KPIs) and metrics across business units.

What you’ll bring:

• At least 8 years’ experience in information technology, information security administration or security operations.
• Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle (SLDC).
• Experience with agile workflows, including Scrum and Kanban.
• Experience with DevSecOps implementations (SAST, SCA and/or DAST)
• Experience with Amazon Web Services (AWS) security and operations
• Strong knowledge on containerization and orchestration tools like Docker and Kubernetes
• Certifications – CISSP, AWS Certified Cloud Practitioner

Preferred Requirements:

• Experience in e-commerce customer portals
• High proficiency at problem-solving
• High performance on speed, team player, and details

What you’ll get from us:

• Our people: If you thrive in an inclusive, innovative, and fast-paced organization, look no further! You will get to work alongside some of the brightest minds - Join a genuinely fun and supportive workplace where we keep our employees consistently engaged through internal communication and corporate events 
• Relaxation and Celebrations: Generous PTO, Sick Days, Paid National Holidays, and even more (ask us about this when we connect). 
• Health Benefits: We contribute to your medical, dental, vision and short-term/long-term disability plans and have a strong employee assistance program. 
• Plan for your Retirement: 401(k) eligible after your first 90 day's employed!
• Giving Back: We sponsor multiple events throughout the year to help out our communities. You will receive time off to give back as well. 
• Growth: We’ll help you take your career to the next level. We want you to be creative and take initiative which will allow you to grow and create within the company. Most importantly, be the best at what matters! 
• Flexible Work Schedules: With business units and employees across the globe, Material Technologies has embraced a hybrid  working model allowing department leaders to decide on the best approach for their respective teams, whether that be remote, in person, or a little of both.  

About Material Bank 

Material Bank is the world’s largest material marketplace for the architecture and design industry, providing the fastest and most powerful way to search and sample materials. Material Bank connects design professionals to hundreds of manufacturers through facilitating brand discovery, rep engagement, and material sampling.

Material Bank has transformed the way an entire industry discovers and samples materials. By removing the friction that exists in the process, we drive business between architects and designers (members) and our Brand Partners (clients).

Our powerful material database and proprietary robotic distribution facility allow members to order samples until midnight (ET) to be delivered free of charge anywhere in the US, in one box, by 10:30 AM the next morning.

Connect with us and discover your career at Material Bank.

--   Material Bank is proud to be an equal opportunity employer. We value diversity, and all applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, age, national origin, veteran or disability status or other status protected under any applicable federal, state or local law.