Mako Recruiting LLC

Intermediate DevSecOps Engineer

This position is ideal for candidates with a solid background in DevOps who are looking to take the next step in their career by focusing on security integration and automation. The Intermediate DevSecOps Engineer will play a key role in ensuring that security is embedded in every aspect of the software delivery process while maintaining efficient and reliable workflows.

Responsibilities:

• Design, develop, and maintain robust CI/CD pipelines to ensure efficient, automated workflows for building, testing, and deploying software applications.

• Implement and manage automation tools that facilitate continuous integration and delivery, reducing manual effort and increasing deployment velocity.
• Optimize pipelines for performance and reliability, ensuring minimal downtime and maximum efficiency during deployments.

• Continuously monitor and improve automation processes to align with the evolving needs of development and operations teams.

• Implement security controls within CI/CD pipelines by integrating Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tools to detect vulnerabilities in the code during the development lifecycle.

• Automate security testing to identify potential security issues early in the development process, ensuring that all code adheres to security standards before it is deployed to production.

• Collaborate with the security team to integrate additional security measures, such as automated compliance checks, code scanning, and vulnerability management, directly into the development pipeline.

• Diagnose and resolve complex issues within CI/CD pipelines, cloud environments, and underlying infrastructure, ensuring minimal disruption to development and operations.

• Utilize monitoring and logging tools to track pipeline performance and detect anomalies in the infrastructure, responding to alerts and resolving incidents quickly.

• Conduct root cause analysis of recurring issues and implement long-term fixes to prevent future disruptions.

• Work closely with cross-functional teams, including developers, security engineers, and system administrators, to ensure that DevSecOps best practices are consistently applied across all projects.

• Provide guidance and mentorship on secure coding practices, infrastructure as code (IaC), and container security, ensuring that security is embedded throughout the software development lifecycle.

• Participate in regular reviews and discussions on the latest DevSecOps trends, tools, and methodologies to continuously improve the organization’s processes and security posture.

Qualifications:

• 3-5 years of DevOps or DevSecOps experience.

• Proficiency in CI/CD tools, scripting languages, and cloud environments.

• Strong knowledge of security best practices.

Benefits:

• 401(k)

• 401(k) matching
• Dental insurance
• Employee assistance program
• Employee discount
• Flexible schedule
• Flexible spending account
• Health insurance
• Health savings account
• Paid time off
• Parental leave
• Professional development assistance
• Referral program
• Relocation assistance

• Vision insurance

Schedule:

• 8-hour shift

• Monday to Friday

• Weekends as needed

Application Question(s):

• Are you a U.S. Citizen?

• Are you available to work full-time with a flexible schedule, including weekends as needed.

• Have you integrated security tools (e.g., SAST, DAST) into CI/CD pipelines in previous roles?