Senior DevSecOps Engineer

SENIOR DEVELOPMENT SECURITY OPERATIONS ENGINEER

REMOTE, USA

(U.S. Citizenship required)

At FourKites we have the opportunity to tackle complex challenges with real-world impacts. Whether it’s medical supplies from Cardinal Health or groceries for Walmart, the FourKites platform helps customers operate global supply chains that are efficient, agile and sustainable.

Join a team of curious problem solvers that celebrates differences, leads with empathy and values inclusivity.

Reporting to the VP of Information Security, the Senior DevSecOps Engineer is a key leader responsible for driving all security engineering initiatives throughout the organization. This is a strategic role that will partner with DevOps, TechOps and the Engineering Orgs. 

The position requires an experienced technology professional with the right mix of relevant experience and roll up your sleeves attitude, an ability to flex between strategic and tactical, outstanding verbal and written communication skills, and a high level of energy and passion to get things done and thrive in a fast-paced, team-oriented product development environment. They will be an infrastructure security leader who embodies FourKites’ leadership principles of leading by example, communicating openly, enabling and inspiring others, excelling with partners, acting decisively, and collaborating effectively.

Responsibilities

• Design, build and support security tools and processes to effectively secure the organization and cloud environments
• Develop, implement and operate controls to secure cloud based systems
• Responsible for full lifecycle management of all security tooling: AV, IPS, SIEM, WAF, FIM, DLP, CSPM, Compliance Controls, IAM, log aggregation.
• Build and maintain automation and integrations with security tooling for growth and scale
• In close collaboration and partnership with Information Security leaders and engineers, develop standards, guidelines and policies on architecture and design decisions
• Work with various teams to ensure security is part of the build and CI\CD processes
• Drive incident, problem management, and root cause analysis within the defined SLAs
• Develop, monitor and respond to all alerts across the organization 
• Ability to work independently to resolve technical & infrastructure issues reported by customers and internal teams.
• Create documentation on run books, common troubleshooting, issue resolution, best practices and deliver trainings to other engineers on the security team
• Partner with development teams to resolve complex issues
• Experience in change and release management process
• Ensure architectural security alignment with our plans for current and expanded operations using a mix of cloud SaaS.
• Analyze the current technology environment to detect critical security deficiencies and recommend solutions
• Plan for and respond to security issues, driving towards product resolution

Experience (Must have)

• Experience building cloud infrastructure using automation
• Experience with build systems / tools like Jenkins, CloudFormation, Terraform
• Experience with securing Azure cloud environments
• Experience with SAST\DAST\IAST tooling
• Experience with SIEM technologies and threat modeling
• Experience with managing vulnerability management programs and remediation lifecycles
• Experience with automation and integrations with CI\CD pipelines
• Experience with security automation and orchestration processes
• Experience with scripting and consuming API’s: Python, Ruby, etc
• Experience with incident response and remediation strategies
• Advanced knowledge of native cloud services. Expert ability to identify risks in designs and communicate with key stakeholders to address the risk and drive a solution.
• Advanced understanding of techniques and tricks used by hackers to gain entry into corporate networks.

Educational Qualification: Bachelor's degree and 5 or more years of work experience in an DevOps, TechOps or CloudOps role.

If you are a California resident, here is our California Applicant Privacy Notice.

If you are a European Union resident, here is our EU Applicant Privacy Notice.

Who we are:

FourKites® is the #1 supply chain visibility platform in the world, extending visibility beyond transportation into yards, warehouses, stores and beyond. Tracking more than 2.5 million shipments daily across road, rail, ocean, air, parcel and courier, and reaching over 185 countries, FourKites combines real-time data and powerful machine learning to help companies digitize their end-to-end supply chains. More than 1,000 of the world’s most recognized brands — including 9 of the top-10 CPG and 18 of the top-20 food and beverage companies — trust FourKites to transform their business and create more agile, efficient and sustainable supply chains.  

FourKites provides competitive compensation with stock options, outstanding benefits and a collaborative culture for all employees around the globe. To help you be your best, we have 5 global recharge days, in addition to standard holidays, and a hybrid, flexible approach to work. Parental leave for all parents, an annual wellness stipend and volunteer days also provide you with time and resources for self care and to care for others. Throughout the year, FourKites sets aside time during the workday to learn and celebrate diversity. And we're always listening for new ways to support everyone in and out of the office.