Expert DevSecOps Engineer

Join a great place to work with MissionSquare, a financial services corporation with approximately $79 billion in assets under management and administration and over 600 employees. Founded in 1972, MissionSquare is dedicated to the retirement needs of public sector employees. We focus on delivering results-oriented retirement and retiree health savings plans, education, investment options, personalized guidance, and related services to public sector participants in more than 9,200 plans and nearly 2 million participant accounts. We strive to make the administration of retirement programs as easy and cost-effective as possible. We have an extraordinary talent base and invite you to consider joining MissionSquare.

The DevSecOps Engineer is a highly technical role responsible for supporting, securing, managing, and deploying solutions aligned with business objectives. Candidates must have strong expertise in information security, infrastructure, software development, and operating systems, as well as an understanding of business strategy and operational needs in a fast-paced environment. This role integrates security into CI/CD pipelines, ensuring automation and compliance with security principles. DevSecOps Engineers collaborate closely with developers, system engineers, cybersecurity teams, and administrators to deliver secure, reliable solutions. They demonstrate strong analytical skills, adaptability, and the ability to meet change requests quickly, while maintaining superior communication and teamwork. With a security-first mindset, DevSecOps Engineers continuously assess threats, manage enterprise risk, and support integration and deployment requirements across multidisciplinary teams

Essential Functions for this role include:

• Build relationships with developers, stakeholders and scrum master’s to incorporate security principles into engineering design and deployments

• Supervise testing and validation in application security controls across projects

• Oversee implementation of defensive practices and countermeasures across infrastructure and applications

• Uphold CI/CD security strategy and practices in tandem with other technical team leads

• Serve as a point of contact for security-based escalations and remain tightly involved through resolution

• Build services and tools to enable developers and engineers to easily use security components produced by application security team members

• Simplify automation that applies security inter-workings with CI/CD pipelines.

• Support the ability to “shift left” and incorporate security early on and throughout the development lifecycle

• Identify vulnerabilities in code through automated and manual assessments and promote quick remediation

• Proven experience with SAST, SCA, DAST, IaC scanning

• Strong experience using Cloud security architecture (IAM, containers, baseline)

• Understanding of threat modeling

• Performs other duties as assigned

If you have the following skills, we encourage you to apply:

• Bachelor’s degree (BA/BS) in Finance, Accounting, Business, or a related field, or equivalent professional experience

• At least 7+ years’ experience in information technology, information security administration or security operations

• Experience with agile workflows, including Scrum and Kanban.

• Understanding of containers (e.g., Docker) and container orchestration (e.g., Docker Swarm, Kubernetes)

• Understanding of CloudFormation, Terraform, Ansible and Jenkins

• Proficient in securing Windows and *nix operating systems, endpoint applications, networking protocols and devices

• Proven experience with operations and security across Amazon Web Services (AWS) and Microsoft Azure     

• Proven experience with GitHub Actions

• Hands on experience with WIZ

• Hands on experience with application security testing (BURP)

• Ability to obtain and maintain technical team and business support influences a collaborative effort to reduce the attack surface while performing rapid, continuous implementation

• Capable of scripting in Python, Bash, Perl or PowerShell

• Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle (SLDC)

• Preferred Certifications: CISSP, GIAC (GCSA, GWAPT), AWS (SSA)

 To benefit your career and support your wellbeing, we offer:

• Competitive Total Rewards package, including base pay, incentive programs, benefits, and a 401(k) plan with matching contributions

• Flexible and hybrid work schedules to support work-life balance

• Tuition reimbursement to support continued education

• Professional and career development opportunities, including courses and certifications

• Comprehensive wellness programs promoting physical, mental, and emotional health

• Volunteerism initiatives to encourage community engagement

Click here to learn more about MissionSquare’s benefits.

Equal Employment Opportunity

As a company, MissionSquare is an Equal Opportunity Employer. We strive to create an environment that reflects the value and diversity of our employees and fosters respect among them. We believe that talent from diverse backgrounds will further enhance our ability, and mission, to serve those who serve their communities.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, or any other protected classifications under any applicable law.

This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.