Senior DevSecOps Engineer

August 23

Apply Now

Receive Emails with Similar Jobs

CrossFit, LLC

WebsiteLinkedInAll Job Openings

The world's leading platform for health, happiness, and performance.

Fitness • Seminars • Training • Media

201 - 500

Description

• Design, implement, and maintain secure AWS cloud infrastructure. • Ensure the security of cloud resources through automated security controls, continuous monitoring, and threat detection. • Lead the development of security policies, procedures, and practices for cloud infrastructure. • Develop and maintain automation scripts and tools using Python to streamline security processes and improve efficiency. • Collaborate with software development teams to integrate security into the CI/CD pipeline, ensuring secure code deployment. • Implement and maintain infrastructure as code (IaC) practices, ensuring consistency and compliance across environments. • Work closely with cross-functional teams to ensure alignment on security objectives. • Lead incident response efforts for security breaches, including investigation, mitigation, and post-incident analysis. • Stay up-to-date with the latest security threats, technologies, and best practices, and implement improvements where necessary. • Conduct regular security assessments, audits, and penetration tests to identify and address vulnerabilities. • Drive the adoption of new security tools and technologies that enhance our security posture.

Requirements

• Extensive experience with AWS services, including IAM, VPC, ECS, RDS, Lambda, WAF, Cloud Firewall, and others. • Proficiency with Terraform and Terragrunt for infrastructure as code. • Strong Python programming skills, with experience in automating security and devops processes and developing security tools. • Knowledge of security best practices, threat modeling, security testing, and vulnerability management. • Ability to handle and respond to security incidents and breaches. • Skills in using monitoring tools like DataDog, Prometheus, Grafana, ELK Stack or Splunk. • Understanding of network protocols (e.g., TCP/IP, DNS, SMTP, HTTP/HTTPS) and network architecture. • Proficiency with firewall management (both traditional and next-generation) and other security devices like IDS/IPS, VPNs, and DLP systems. • Ability to configure and manage intrusion detection systems (IDS) and intrusion prevention systems (IPS). • Experience with tools such as Wireshark, Nagios, or SolarWinds for monitoring network traffic and performance. • Proficiency in using SIEM platforms like Splunk, IBM QRadar, or LogRhythm to analyze security alerts and logs. • Experience with CI/CD pipelines and integrating security tools into the development process. • Excellent problem-solving skills and the ability to work under pressure in a fast-paced environment. • Strong communication skills, with the ability to articulate complex security concepts to technical and non-technical stakeholders.

Benefits

• Rich Medical, Dental, and Vision plans • Discretionary Paid Time Off – empowering you to unplug whenever and however you need to • Flexible spending account and 401(k) with employer matching - vested on day one • CrossFit Gym Membership Reimbursement • CrossFit Courses Benefit • Partnership Perks