Senior DevSecOps Engineer
Trustworthy
Time zones: EST (UTC -5),
CST (UTC -6),
MST (UTC -7),
PST (UTC -8),
AKST (UTC -9),
HST (UTC -10),
AST (UTC -4),
NST (UTC -3:30)We’re a venture-backed startup on the verge of creating a new category we’re calling the Family Operating System™, and we want you on our team. At Trustworthy our mission is to keep families organized and prepared for the unexpected by delivering a secure and beautiful online service that keeps their most important information up-to-date and accessible. Trustworthy is the family’s single destination point for everything from financial accounts, life insurance policies, and estate documents to family stories, traditions, and passport numbers.We are seeking a seasoned security oriented DevOps Engineer who is a self-starter, can document their own work, communicate well with the team and is passionate about leading dev ops and wants to have fun on a team with resources and a desire to grow.Responsibilities
- Build and maintain scalable high-quality backend services and productivity tools
- Maintain a strong security awareness through frequent assessments and software architecture design processes
- Build automation to continuously assess security risks around our AWS cloud infrastructure and further SaaS tools we integrate with like GitHub
- Proactively work to identify areas for performance gains including data and scaling challenges
- Triage reports from our security monitoring tools with the engineering team
- Work collaboratively with the QA team to deliver quality user experience
- Define security requirements (encryption, backups, data retention, …) together with our backend and web teams and automate their enforcement
- Design, create and support security tests in CI/CD pipelines, to include IAST, SAST, DAST, container scanning, API scanning, and secret detection
- Support new projects and features early in the process with your expertise; Create security requirements and test cases where needed
- Apply security to cloud technologies (Managing secrets, Securing CD pipeline, Secure Infrastructure as Code, Container Security etc.)
Requirements
- Exceptional operational troubleshooting capabilities
- Process-oriented with great documentation skills
- 5+ years overall AWS experience
- 3+ years of hands-on experience with Infrastructure as Code, preferably with Terraform and CloudFormation
- 2+ years of hands-on experience of programming in languages such as Python, Javascript, Go or similar
- Experience with automating cloud-native technologies, deploying applications, and provisioning infrastructure
- Good knowledge of Linux Basics and networking fundamentals, IP routing, load balancing and firewalls, VPN, DNS