Sr. DevSecOps Engineer
Remote
Spruce
Spruce is building the one-click checkout for real estate transactions. With a focus on title insurance, escrow, and related services, our APIs and dashboards enable lenders and real estate companies to better service homeowners.Spruce is the platform enabling modern real estate transactions. We work with forward-thinking mortgage lenders, real estate companies, and investors. We believe that the future of real estate will be driven by automation, efficiency, and digital experiences. Our mission is to provide the products and services necessary to make that happen.
Spruce is looking for an experienced DevSecOps engineer to join its growing Information Security team. The ideal candidate will have an interest in security and cloud technologies and will thrive in a fast-paced startup environment.
As a part of the Information Security team, you will work on enhancing infrastructure security, including reviewing and validating cloud configurations, deploying infrastructure as code, and remediating infrastructure and network vulnerabilities. Your ability to identify and help remediate tactical security concerns while keeping the strategic goals in mind will help us drive excellence in the security posture of the organization.
What You'll Do
- Build and maintain an infrastructure security program for Spruce’s applications
- Design and configure network security in the cloud to protect sensitive information
- Partner with the Engineering to deploy and secure infrastructure and applications in our GCP cloud environment
- Build and enhance CI/CD pipelines to deploy infrastructure, applications, and security tooling
- Assess infrastructure security and tooling, provide recommendations, and implement solutions to enhance security posture
- Utilize security tools to monitor assets and remediate findings to strengthen the security posture of the organization
Who You Are
- Bachelor's Degree in one of the following: Information Security, Computer Engineering, Computer Science, Information Systems Management or relevant hands-on experience in Cybersecurity or Engineering
- Experience building infrastructure security programs with a cross-functional team in multiple workplaces
- Experience deploying and managing networking and infrastructure in cloud environments
- Hand-on experience developing and deploying Infrastructure as Code to manage infrastructure in cloud environments (Terraform, Ansible)
- Experience with container technologies (Docker, Kubernetes, and Helm)
- Excellent analytical and troubleshooting skills: monitor systems to identify threats and vulnerabilities, execute security architectures, and ensure there are no external threats
- Certification in Information Security (CISSP, CISM, CCSP) or GCP (Cloud Engineer, Cloud DevOps Engineer) is a major plus
Compensation
- The anticipated annual compensation range for this position is $165,000 - $200,000. Stock options are typically a part of the total compensation package determined on a role-by-role basis. Your actual compensation may vary depending on your relevant skills and experience.
- We provide a competitive benefit package that includes 4 weeks paid PTO, 20 paid sick days, 12 weeks paid parental leave, and comprehensive medical, dental, and vision coverage.
- We pride ourselves on a culture where everyone is treated with respect, kindness, and appreciation.
Tags: Ansible Automation CCSP CI/CD CISM CISSP Cloud Computer Science DevOps DevSecOps Docker GCP Helm Kubernetes Network security Terraform Vulnerabilities
Perks/benefits: Competitive pay Equity Health care Medical leave Parental leave
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Senior Cyber Security Specialist jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs