DevSecOps Engineer

Since the 1930s, the way we commute, socialise and even how we make payments have changed, and yet our fundamental approach to the healthcare system hasn’t. At Ordinary Folk, we’re reimagining the building blocks of healthcare, through Noah and Zoey. Noah allows men to receive remote diagnosis and treatment across varying areas of care. Through Zoey, women’s sexual wellness and fertility journeys are supported with thoughtful products and services.
Responsibilities

As a DevSecOps engineer, you will provide leadership in the DevSecOps areas of Vulnerability Scanning, Certificate Management, Password Policy Management, Data Analysis of security monitoring outputs, coordination of Remediation Patching, and other daily Security and Compliance efforts. Additionally, you will assist in developing an automated security framework for robust deployment tools and processes, leveraging various scripting languages and open source solutions.

What You Will Do

  • DevOps Automation: GitHub
  • CISM, CISSP or other Security Certifications.
  • Familiarity with API Security, Container Security, AWS Cloud Security
  • Knowledge of PCI-DSS, HIPPA, SOX, GDPR, and CCPA Standards and Policies and the associated certification and audit processes
  • Auditing and Compliance Certifications such as CISA, PCI-ISA, and PCIP.
  • Familiarity with Amazon AWS Policy, Configuration, and Security Management tools.
  • Experience with security automation and machine learning.

What’s a Rich Text element?

The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.

Static and dynamic content editing

A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!

How to customize formatting for each rich text

Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.

Qualifications
Apply

Your skill and experience

  • Prior experience from 3 years in a Production Engineering or related position.
  • Experience working with Developers, DevOps, and Engineering teams in a dynamic environment to promote/implement the DevSecOps program throughout the organization.
  • Bachelor's Degree in Computer Science or related field.
  • Experience coordinating and performing vulnerability assessments through the use of automated and manual tools (Tenable, NMAP, etc).
  • Ability to review and analyze vulnerability data to identify security risks to the organization's network, infrastructure, and application's and determine any reported vulnerabilities that are false positives.
  • Capability to prepare security vulnerability and risk management reports for management.
  • Leadership and Teaming skills to coordinate remediation of vulnerabilities within established timeframes.
  • Proficiency in C/C++ Programming and Bash, Python or other scripting languages.
  • Familiarity with Information Security frameworks/standards (i.e. CIS, NIST, RFC2196, etc).
  • Comprehension in the security areas of Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, Security and Monitoring tools, etc.
  • Experience configuring, implementing and leveraging computer security and networking diagnostic/monitoring tools.
  • Knowledge of Windows and Linux patch management and related information security functions (authentication, encryption, iptables, SSL, Ciphers, etc)
  • Ability to work with APIs and Plugins to integrate security tools into established CI/CD pipelines.