The ideal candidate for the position will be a self-starter who is driven to find innovative ways to improve the product. The candidate will be results-oriented, passionate in the improvement of the user experience, and a critical and strategic thinker. The candidate is highly organized, can multitask and meet aggressive deadlines, and is a team-player and team-builder who can make meaningful and long-lasting connections with others.

The candidate must have the ability to assess and analyze a wide range of information to draw conclusions on how to improve the security of our systems. The candidate will lead a DevOps engineering team and be responsible for aligning the team around our new DevSecOps initiatives. You will provide strong leadership through technical excellence and mentoring, and your contributions will be key to the success of Beyond Identity.
Responsibilities

• Lead a DevSecOps team that is responsible for site reliability engineering (SRE), CI/CD pipelines, and the implementation of all cloud-native security controls
• Provide technical leadership through mentoring, a commitment to technical excellence, accountability, transparency, and skills development
• Identify and remediate security risks introduced by the CI/CD pipeline, cloud platforms, and infrastructure configurations
• Partner with Security and Compliance teams to identify, manage, document, and implement best practices and automated controls for cloud and internal solutions
• Stay up to date with the latest application security developments and security trends to continually improve internal processes
• Assess current applications and architecture to determine methods for automating security testing and control validation
• Contribute to technical design, product and vendor selection, application and technical architectures related to DevOps, transformation and automation efforts
• Establish, document, and maintain the security and regulatory posture of platforms and solutions
• Respond to security incidents by conducting incident response activities involving containment to remediation and lessons learned
• Create an open, honest, accountable, and collaborative team environment, providing timely and meaningful feedback

Skills & Qualifications

• Bachelor’s Degree in Computer Science or similar
• 4+ years of experience with Agile, DevSecOps practices working with cross-functional teams and integrating security into a CI/CD environment
• 3+ years of experience with AWS development and management (AWS Associate certification or higher preferred)
• Understanding of DevSecOps principles, tools, and their application for cloud-native Applications including Terraform, Kubernetes, Docker, Istio, Envoy
• Hands-on experience in security systems, including firewalls, intrusion directions systems, authentication systems, log management, content filtering, etc
• Broad knowledge of security monitoring, prevention, and control techniques and how they can be applied in a traditional IT environment as well as cloud-based systems
• Strong understanding of data structures, software design patterns, and TDD methodology with proficiency in Python, Golang, or similar

Pluses

• Experience with the use and deployment of Nginx, Postgres, Redis, Memcached, GitLab/GitHub, and the Atlassian platform
• Experience with cloud-based security management/IDS/IPS/SIEM tools such as Splunk, AlienVault, AlertLogic, Prisma, Threat Stack
• Experience with one or more SSO methodologies (SAML, LDAP, MS AD)
• Experience in performing security vulnerability assessment