Senior DevSecOps Engineer (remote), Experian Consumer Services

Company Description

Experian is the world’s leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society. We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for. In addition, for the last five years we’ve been named in the 100 “World’s Most Innovative Companies” by Forbes Magazine.

Job Description

What could be more exciting – personally and professionally – than being part of a “disruptive” business? Consider taking your career to the next level by joining the Leader that continues to disrupt the competition. As the “disruptor” and market leader we pride ourselves on building new markets and leading the pack through continuous evolution and innovation. It’s a position Experian Consumer Services has enjoyed for more than a decade and we’re always looking for the talent that can help expand that lead.

When you’re the leader, it’s always urgent, important, and market-changing. We think that defines the true “disruptive” business. Join us and create some chaos for the competition.

The Senior DevSecOps Engineer is a hands-on technical position responsible for operating a diverse set of cloud security controls and monitoring processes. This role will work directly with security architecture teams to improve security posture and automation capabilities:

• Continuously improve the security of our e-commerce products
• Comply with a range of security and regulatory requirements (internal and external)
• Respond to audit requests and requirements
• Manage cloud security tools such as WAF, IDS/IPS, Anti-Virus, Integrity monitoring, vulnerability scanning, and cloud security/compliance monitoring frameworks.
• Operate and analyze application and infrastructure logs in order to identify suspicious activity or behavior anomalies.
• Operate and manage network traffic flow, NACLs, transit gateways, Peers, direct connect, and Security groups.
• Assess infrastructure and application vulnerabilities and take remediation actions as appropriate.
• Operate and manage AWS IAM permissions based on defined roles and responsibilities.
• Ensure tight security for an eCommerce platform including data encryption, security groups, environment scanning, etc.
• Partner with Experian Global Security office to ensure policies and standards are being properly applied.

Based on a “developer self-service model”, our cloud-computing “Platform as a Service” product automates:

• AWS resource provisioning and management (based on immutable compute resources)
• Build pipeline supporting Continuous Delivery, and SDLC Security tools, including support for canary and blue-green releases
• Manage Linux-based operating systems and associated vulnerability management processes.
• Micro-service support (service registry, service-to-service authentication, authorization, and auditing)
• Event management and analysis via logging and event data pipelines
• Instrumentation, monitoring, notification, and alerting 
• Data pipeline from transaction support (Dynamo) to BI (RedShift)

The current Platform has been implemented primarily as “infrastructure as code”, so experience with Python, or equivalent experience with other scripting or infra-coding tools is essential. The Platform is being managed as a true software product (story backlog, product roadmap, developer involvement in product direction), so Agile Product Oriented Development experience is also important.

Qualifications

Responsibilities

• Collaborate with information security, DevOps, and engineering teams to identify Platform needs and issues with respect to security
• Collaborate with key third-party security partners to ensure that security controls adhere to defined policies and mitigate risks.
• Ability to manage projects as a technical lead to ensure project initiatives are completed on time and in scope.
• Daily operational security controls and monitoring.
• Author Agile stories, estimate story points, assist with sprint planning and retrospectives
• Perform advanced security technical troubleshooting for cloud and e-commerce environments
• Participate in incident response exercises and continue documenting security and incident response procedures.
• Lead projects from start to finish and be the go-to technical person for that initiative. 
• Provide technical guidance to junior members of the team.

Education and Experience

• 8+ years of experience in Information Security, and/or Ops or DevOps role, focused on automated solutions supporting security
• Security certifications such as CISSP, CCSP, GIAC Certified Intrusion Analyst (GCIA), and GIAC Certified Incident Handler (GCIH) are a plus
• Fluent in Linux operating systems and systems Engineering
• Fluency in Python or other programming or scripting languages
• Production experience with public cloud (AWS, Google, or Azure – AWS strongly preferred)
• Experience with a variety of open-source technologies and tools in support of cross-team collaboration
• Bachelor of Science or comparable experience
• Experience leading smalls teams or projects strongly desired

Qualifications Required

• Knowledge of the InfoSec/DevOps tools chain focused on the AWS Linux platform
• Experience deploying automation solutions in a public cloud environment such as AWS
• Knowledge of PCI/HIPPA and other security-related standards and requirements
• Experience supporting security audits
• Operationally savvy, experience with monitoring, alerting, and analyzing system metrics to identify problems and understanding system behavior specific to security concerns
• Ability to work in a fast-paced, e-commerce environment
• Strong communication and collaboration skills
• Strong problem-solving skills
• A passion for security and innovation
• Collaboration, drive open communication and reach across functional borders

Benefits and Compensation

Experian offers flexible benefits and compensation packages that allow our employees to make choices that fit their individual lifestyles. Some of the benefits that we provide for full-time employees include the following:

• Medical, Dental, Vision, and Life Insurance
• Minimum 15 days flexible time off, additional sick time, plus 12 paid holidays
• 401K and company matching
• Casual, fun environment

#LI-REMOTE

#LI-NR1

Additional Information

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Our goal is to create a thriving, inclusive and diverse team where people love their work and love working together. We believe that diversity, equity and inclusion is essential to our purpose of creating a better tomorrow. We value the uniqueness of every individual and want you to bring your whole, authentic self to work. For us, this is The Power of YOU and it ensures that we live what we believe.

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Our goal is to create a thriving, inclusive and diverse team where people love their work and love working together. We believe that diversity, equity and inclusion is essential to our purpose of creating a better tomorrow. We value the uniqueness of every individual and want you to bring your whole, authentic self to work. For us, this is The Power of YOU and and it reflects what we believe.  See our DEI work in action!

If you live in Colorado, Connecticut or New York City, please contact us at JobPostingInquiry@experian.com for the salary range of this position (include the exact Job Title as it reads above in your email). In addition to a competitive base salary and variable pay opportunity, Experian offers a comprehensive benefits package including health, life and disability insurance, generous paid time off including parental and family care leave, an employee stock purchase plan and a 401(k) plan with a company match.

Experian Careers - Creating a better tomorrow together

Find out what its like to work for Experian by clicking here