Q2 Software is seeking a DevSecOps Engineer who is passionate about securing innovative products that scale to 400+ financial institutions. You will interact with stakeholders across Engineering, QA, DevOps, IT, Operations, and Product Management. If you enjoy working in a highly collaborative environment and approach every day with a burning passion to build highly scalable, resilient, and secure systems, then Q2 wants you!
- Design and implement Security Automation tools for testing, monitoring, and reporting
- Design and implement Security Integrations within a CI/CD pipeline
- Incorporate Security products and processes into existing and new systems
- Bake Security controls into Engineering and DevOps pipelines (e.g., build automation and configuration management)
- Participates in code and design reviews
- Ensures the integrity of Q2 software by training, implementing and monitoring practices on Q2’s Secure Software Development Life Cycle Policy
- Trains engineers on OWASP top 10, best practices, and secure coding principles
- Work with Clients to review and assess penetration test and vulnerability assessment results
- Review the security posture of new Product integrations
EXPERIENCE & KNOWLEDGE:
- Bachelor’s degree in Computer Science, Engineering, Computer Security, Information Systems, or related field.
- 3+ years' of related security experience
- Experience with REST-style web services / APIs
- Linux or Windows System Administration experience.
- Automation and scripting via PowerShell, Python, Perl, or Bash.
- Configuration management (Ansible, Chef, and/or Puppet).
- Implemented Security solutions in public clouds (AWS, Azure, and/or Google)
- Experience with Mobile Device and Application Security
- Experience with API Security & Best Practices