Web Analytics

DevOps Security Engineer, TSG Security Architecture – Bain 4 views

As a DevOps Security Engineer, you will work with multiple highly skilled application engineering & infrastructure teams to improve and execute Bain & Company’s Secure Software Development Life Cycle (SSDLC), enabling Bain & Company to deliver secure products and solutions to our clients. Acting as an information security subject matter expert, you will be responsible for providing secure coding & infrastructure best-practices guidance to application engineering & infrastructure teams well also working to enable automation of tools and capabilities that support Bain’s SSDLC processes. You will also work closely with other members of the Security Architecture & Engineering team to optimize the technical capabilities of our application & infrastructure security assessment tools to provide reliable automated testing solutions.

Responsibilities & Duties

  • Provide information security guidance & support to application engineering & infrastructure teams
  • Develop new and improve existing processes & procedures for application development primarily deployed to cloud infrastructure
  • Lead teams in integration & automation of application & cloud security controls into their CI/CD pipelines
  • Provide remediation support & security expertise for application & cloud security vulnerabilities
  • Conduct risk assessments & perform threat modeling for new applications or application features
  • Perform manual validation & discovery of security vulnerabilities and track remediation activities
  • Provide Subject Matter Expertise on Application Security & secure code development
  • Provide application security & secure code training to development teams and act as a mentor
  • Collaborate with cross-functional teams, including infrastructure, development, application, product, etc.
  • Assist in creation and execution of application security initiatives
  • Provide support, maintenance, & policy creation, for SCA, SAST, DAST, & WAF solutions

Ideal Qualifications

  • Bachelor’s degree or Application Security certifications (e.g., CISSP CSSLP, OSCP, GWEB, GCIH, GWAPT, etc.)
  • 5-8 years of full-time experience in any of the following areas: cloud security engineering, application/software development, DevOps/DevSecOps engineering, or application/software engineering
  • Application vulnerability assessment, remediation, & mitigation and tools for those capabilities: SCA, SAST, DAST, & WAF experience
  • Engineering support for development in cloud infrastructure environments
  • Experience with:
    • AWS or Azure
    • automated provisioning solutions, specifically Ansible
    • automating tasks via scripting, specifically Python or PowerShell
    • writing Infrastructure-as-Code (IaC), specifically Terraform
    • source code management & version control using Git & a code repository
    • integrating security controls into a CI/CD pipeline

Job Details

Job Location

Apply for this job
Showing 1–0 of 0 jobs

Leave your thoughts

Share this job
Company Information
  • Total Jobs 4 Jobs
  • Full Address 131 Dartmouth Street Boston, Massachusetts 02116 United States

Search jobs in U.S and apply free online. Companies can post free jobs.