Senior DevSecOps Engineer

Santiago

Applications have closed

ZeroFox

ZeroFox, the leader in external cybersecurity, exposes, disrupts, and responds to threats outside the perimeter.

View company page

OPPORTUNITY OVERVIEW ZeroFOX seeks a Senior DevSecOps Engineer to help us secure our cloud environments. We strongly believe in the vision of continuous integration and deployment (CI/CD) and are looking for someone who can help us continue achieving that vision securely as we scale our business. In this role, the Senior DevSecOps Engineer will be responsible for working with our Security, DevOps, and development teams to identify security threats and risks, as well as implement, maintain, and mature our internal production security tooling. They will be expected to bring a thorough, practiced understanding of Security, DevOps, and Cloud Infrastructure to this team. The ideal candidate thrives in a fast-paced, rapidly growing environment and is eager to contribute security expertise to development and delivery. They utilize the appropriate cutting edge technologies and are comfortable coaching our engineers in security application best practices, configurations, operations, and architecture design for our microservice, SaaS-based platform. On average, our engineers deploy to production 5+ times a day.  Our engineering culture is highly collaborative, implementing many core DevOps philosophies. You’ll join a team where everyone - including you - is striving to constantly improve their knowledge of infrastructure, systems, and security. We are a very supportive team - and love to pitch in when problems arise and give great peer feedback to help each other grow.

Responsibiities

  • Work closely with the Security product owner to curate and execute the ongoing production security roadmap, including advocating for and maturing our security tooling and capabilities for the production environment.
  • Determine and implement security standards for securely deploying AWS cloud infrastructure and systems.
  • Coach and motivate the entire Technology organization, including engineers, to make our codebase and production infrastructure more secure by providing guidelines and education on application security requirements.
  • Perform current state analysis and risk assessments of the organization's production security controls against industry leading security standards and provide recommendations for enhancement.
  • Design, implement, manage, and automate application and infrastructure security tools along with integrations to CI/CD pipelines, automated workflows, script-based integrations, etc.
  • Perform daily management of production security tasks, including but not limited to systems patching and patching process automation; configuring, triaging, and responding to production security alerting; and providing security reviews of engineering milestones and third party systems.
  • Assist with operations and automation to maintain SOC2 Type 2 compliance.

Qualifications and skills

  • Strong understanding of the software development lifecycle.
  • Exceptional scripting skills. Experience with Python and/or Go is a plus.
  • You treat infrastructure as code, always. Advanced knowledge of Terraform is desired. 
  • Strong knowledge of the Linux kernel and bash.
  • Experience with docker and container orchestration frameworks such as Kubernetes or Nomad.
  • Ability to troubleshoot complex network security and operational security issues in a cloud environment.
  • Thorough, in-depth knowledge of the cloud (AWS, Azure and/or GCP) tooling landscape, and the various trade-offs involved with deciding what tools/services to use.
  • Self-sufficiency in daily execution of tasks and responsibilities as a tech lead and/or scrum master equivalent.
  • BS in Computer Science or related field, or equivalent work experience.
  • DevOps/Cloud experience or security role handling cloud infrastructure, typically obtained in 5+ years.
  • Strong knowledge of modern security fundamentals and industry best practices, especially as it pertains to cloud infrastructure and production SSDLC.
  • Deep knowledge of cloud infrastructure (AWS preferred).
  • Experience building Continuous Integration / Continuous Deployment (CI/CD) workflows.
  • Experience with industry standard monitoring tools: ELK, Prometheus, Grafana, etc...
  • Experience managing containerization technologies such as Nomad and Kubernetes.
  • Strong knowledge of infrastructure as code tools, such as Terraform (preferred) or AWS CloudFormation.
  • Familiarity with configuration management tools such as Salt, Ansible.
  • Solid foundation in programming, and software development.

Benefits

  • Amazing Product: ZeroFOX has created a paradigm-shifting cybersecurity product that has been recognized as leading the next generation of predictive cyber solutions.
  • Recently raised a $74 million Series D led by Intel Capital, and joined by some of the most respected VCs in the country, like NEA and Redline Capital.
  • Awesome Culture:  ZeroFOX is a community – most describe our team as a group of close-knit, incredibly talented, and highly caffeinated people. Behind ZeroFOX’s numerous accolades lies a vibrant ecosystem where team members have fun and are rewarded for continual innovation, disruption, and taking ownership in their work.
  • Get Things Done: Innovation is woven into the fabric of our organization. Every aspect of our operations is purposeful; enabling us to research, develop and innovate faster than the competition.
  • Benefits: Competitive compensation, paid time off, and other benefits available.

Interested?

  • Ready to apply? Visit us at https://www.zerofox.com/careers/ to find out more and join the best team in the security industry.
  • Not ready to apply? Email careers_at_zerofox_dot_com to speak with a member of the team!
ABOUT ZEROFOXZeroFox’s mission is clear: we protect customers - their data, their assets and their people - across the internet. Through AI-powered technology, global intelligence collection and services provided by a team of expert analysts and threat hunters, we give customers the protection and intelligence needed to disrupt a new era of attacks on the surface, deep and dark web. With $150M+ in funding to date, recognition from Forrester as best-in-class in brand intelligence and numerous awards and honors, joining the ZeroFox team means joining a culture that is committed to excellence. That means committing to the success of each of our employees so you can be the best version of yourself on the best team. If you’re ready to join a team that is mission-oriented, customer-focused, collaborative and dedicated, you’ve come to the right place.
Equal Opportunity, Diversity & InclusionWe aim to build a team that represents a variety of backgrounds, perspectives, and skills. We embrace inclusion and ensure equal employment opportunity without discrimination or harassment based on race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, military or veteran status, or any other personal characteristic.

Tags: Ansible Application security Automation AWS Azure Bash CI/CD Cloud Compliance Computer Science DevOps DevSecOps Docker ELK GCP Grafana Kubernetes Linux Monitoring Network security Prometheus Python SaaS Scripting Scrum SOC 2 Terraform

Perks/benefits: Career development Competitive pay

Region: South America
Job stats:  6  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.