DevSecOps Architect

Boise, ID, United States

Applications have closed

Job Description

As a DevSecOps Architect, you will be responsible for designing, implementing, and managing the security aspects of the DevOps pipeline. You will collaborate with development and compliance teams to ensure that security is prioritized and integrated into every phase of the software development lifecycle. This role is responsible for developing and implementing a comprehensive DevSecOps strategy aligned with the organization's goals and compliance requirements, establishing security best practices and integrating them into the development and deployment process. This role is pivotal in enhancing the security posture of all applications, with a focus on implementing and maintaining security principles and best practices. You will be responsible for overseeing vulnerability scanning, analyzing web traffic, and implementing measures to identify and mitigate potential security risks.

This full-time position reports to the Director of Strategy & Architecture and is expected to work in a hybrid model, which currently includes Tuesday and Wednesday in-office.

To ensure sufficient overlap with functional and cross-functional team members globally, some flexibility with this role's regular work schedule will be required. Most of our teams have overlap with early morning and/or early evening PST. Specific scheduling needs for this role will be discussed in the initial interview.

What you’ll do:

  • Analyze, develop, and recommend improvements to software security infrastructures and standards.
  • Identify and correct data security issues with appropriate actions in a multi-platform computing environment.
  • Deliver and promote secure coding techniques, assess vulnerabilities, and provide remediation guidance.
  • Ensure compliance with PCI-DSS, GDPR, HITRUST, NIST, SOC, and other related regulatory requirements.
  • Provide security guidance on infrastructure designs and organize numerous risk assessments to identify and eliminate application/product threats.
  • Automate software maintenance of applications such as Jenkins, SonarQube, etc., which are part of the CI/CD pipeline.
  • Maintain, optimize, and improve security of applications deployed on AWS and Azure.
  • Develop and maintain incident response plans and participate in security incident response activities.
  • Collaborate with incident response teams to investigate and resolve security incidents.
  • Actively coordinate and communicate risks, priorities, and task assignments for timely completion of deliverables.
  • Partner with software engineers and QA team to automate and streamline our operations and processes.
  • Evaluate, select, and implement security tools and technologies that align with the organization's security goals.
  • Manage and optimize security tools to ensure efficiency and effectiveness.

What you bring to the table:

  • Minimum of seven (7+) years of relevant experience in designing and building frameworks and tools.
  • In-depth knowledge of security principles, practices, and technologies.
  • Familiarity with industry security standards and frameworks (e.g., ISO 27001, NIST, OWASP).
  • Knowledge of IP networking, VPNs, DNS, load balancing, and firewalls.
  • Proven experience as an AWS Architect with expertise in Terraform, Kubernetes, Containers and serverless.
  • Strong understanding of cloud computing concepts and AWS services.
  • Certification(s) such as AWS Certified Solutions Architect, Certified Information Systems Security Professional (CISSP) and/or Certified DevOps Engineer preferred.
  • Strong presentation, verbal, and written communications skills.
  • Must have experience in systems automation, orchestration, deployment, and implementation, as well as have skills in scaling distributed data systems.
  • Experience architecting cloud-native CI/CD workflows with tools such as Jenkins, Bamboo, Bitbucket, GitHub, AWS CodeDeploy, etc.
  • High standards for documentation, unit testing, code reviews, and continuous integration & deployment.
  • Strong problem-solving skills: adaptable, enthusiastic, and willing to take ownership.
  • Ability to work with offshore teams & development partners is a must-have.

Notes: This is a full-time, permanent position with benefits. Please submit a cover letter and resume.

About Us: Balsam Brands is a global, eCommerce retailer with roots in holiday and home décor. We strive for excellence in everything we do and present a unique opportunity for those seeking to have a meaningful impact in a people-first company that values relationship building, authenticity, and doing the right thing. We have steadily growing teams in Boise, the Bay Area, Dublin, the Philippines - and most recently, Windsor, Canada!

The company's mission is to create joy together. We empower our team and partners to love what they do, provide products and experiences that inspire meaningful moments with family and friends, and give back to our families and communities in impactful ways. When you join Balsam Brands, you'll find a culture of caring people doing challenging work and building a welcoming workplace.

At Balsam Brands, we strive to offer a competitive compensation and benefits package. For permanent, full-time team members, our current package includes:

  • Competitive compensation, including a cash-based incentive plan; salary is reviewed yearly and may be adjusted as part of the normal compensation review process
  • Comprehensive Medical, Dental, and Vision coverage, with 100% of monthly premiums covered for team members, and 85%+ employer-paid premiums for other coverage tiers that include dependents
  • Up to $2,000 annual funding toward HSA accounts
  • Medical, transit, dependent care FSA
  • Infertility coverage offered on all medical plans
  • Generous parental leave program and flexible return options
  • Company-paid life and AD&D insurance
  • Company-paid short and long-term disability insurance
  • 401(k) with dollar-for-dollar company match up to $4,000 per calendar year
  • Employee Assistance Program (EAP) and other mental health and wellness perks
  • Paid holidays, annual shutdown week, PTO, and volunteer time-off (VTO) packages
  • Paid 5-week sabbatical leave after 10 years of employment
  • Annual continuous learning benefit up to $1,000 per person, per fiscal year
  • Up to $300 flexible reimbursement to support setup of new team member's work-from-home environment
  • Generous team member merchandise discount
  • Valuable extras: identity theft protection, subsidized parking, monthly wellness, pet insurance, accident & critical illness insurance

At Balsam Brands, we strive to build a diverse, equitable, and inclusive team to fulfill our purpose to create joy together. Balsam Brands is proud to be an equal opportunity employer. We encourage people from all backgrounds, ages, abilities, and experiences to apply. We do not discriminate on the basis of race, ethnicity, religion, national origin, citizenship, marital or family status, disability, sexual orientation, gender identity or expression, pregnancy or caregiver status, veteran status, or any other legally protected status. We will ensure that individuals with disabilities are provided reasonable accommodations to participate in the job application and interview process, to perform essential job functions, and to receive other benefits and privileges of employment.

Additional Information

All your information will be kept confidential according to EEO guidelines.
