- Be a member of Coalfire Information Security Team and liaison with Product DevOps teams to ensure compliance to information security standards
- Detect, analyze, and react to detected security events, such as vulnerabilities, potential intrusions, and malware detections within the Coalfire product environments
- Perform regular SCA/SBOM, DAST and SAST scanning of the various cloud and stand-alone applications that comprise our product lineup
- Track trends against various metrics that capture the risk, threats, and vulnerabilities within the product environment
- Provide leadership and guidance to DevOps teams on how to prioritize and implement remediation activities for application flaws
- Be a champion for security within all stages of the SDLC
- 3-6 years experience in DevSecOps, AppSec, NetSec, InfoSec, other related roles
- Familiarity with open source and commercial application security tools and frameworks
- Experience in exploiting web applications and web services using application vulnerabilities, including XSS, CSRF, injection, DoS and API attacks
- Experience with the design and deployment of servers, applications, and containers in AWS
- Experience with network security and network technologies
- Strong verbal and written communication skills
- Familiarity or direct experience with DevOps processes, including CI/CD pipelines and related tools
- Familiarity with Agile-based development lifecycle processes, such as iteration planning, stand ups, and retrospectives
- Knowledge of cloud security designs, deployments, and monitoring
- Mastery of application security concepts, such as threat modeling and secure coding techniques
- At least one security certification, such as CISM, CISA, CISSP, Security+, CCSP, etc.
- Bachelor's degree (four-year college or university) or equivalent combination of education and work experience
- MS in Information Security, Computer Science or IT related discipline
- AWS DevOps and Security certifications
- In good standing with multiples major security certification (CISSP, CISM, CGEIT, CISA or similar)
- Previous experience in network or application penetration testing, IT controls assessments/audits, or hunt response exercises
- Previous developer experience with .NET Framework, .NET Core, Java, and JavaScript
- Previous automation experience with GitLab, AzureDevOps, Jenkins, Octopus, Python and shell scripts
-
DevSecOps Engineer
2 weeks ago
Knotch Remote, United States Full timeAbout Knotch · Knotch is a Content Intelligence Platform that enables brands to drive business growth through content. We build products for people who use content to drive performance. We also offer Strategic Consulting services which enable brands to achieve new levels of effic ...
-
Sr. DevSecOps Engineer
1 week ago
Yurts Remote, United States Full timeCompany Overview: · At Yurts, we are committed to pushing the boundaries of artificial intelligence and driving innovation in enterprise solutions. Yurts makes AI practical for any enterprise by leveraging Large Language Models (LLMs) and the practical power of GenAI applications ...
-
Staff DevSecOps Engineer
3 weeks ago
eSimplicity Remote, United States Full timeeSimplicity is modern digital services company that delivers innovative federal and commercial IT solutions designed to improve the health and lives of millions of Americans while defending our national interests. Our solutions and services improve healthcare for 100+ million Ame ...
-
DevSecOps Engineer-6512
57 minutes ago
Widenet Consulting Remote, United StatesCompensation and Benefits · Pay range of $80/hr to $90/hr DOE. · Health & Medical Benefits, 401K, Employee Assistance Program, and Sick Time applicable by state. · Role Summary · The Sr Security Engineer is a subject matter expert for cloud platform security. This role exerci ...
-
Manager- Azure DevSecOps
21 hours ago
American Specialty Health Incorporated Remote, United States Full timeDescription · American Specialty Health, Inc. is seeking a Manager - DevSecOps to join our Consumer Technology QA department. The primary purpose of this position is to manage a portion of the DevSecOps engineers while fostering a culture of collaboration and continuous improveme ...
-
2024-7668
1 day ago
Empower AI Inc. Remote, United StatesEmpower AI is AI for government. Empower AI gives federal agency leaders the tools to elevate the potential of their workforce with a direct path for meaningful transformation. Headquartered in Reston, Va., Empower AI leverages three decades of experience solving complex challeng ...
-
DevOps Engineer
3 weeks ago
NT Concepts Remote, United States Full timeNT Concepts is seeking a DevSecOps Engineer to join our Solutions Delivery team. This person will support a continuous integration pipeline for automation and scaling of build and deployment capabilities. · You will be part of a solutions-oriented, agile scrum team integrating ou ...
-
Senior Security Engineer
3 weeks ago
Makpar Remote, United States Full timeWho we are: · Makpar is a team of innovators and consultants deploying cutting edge technologies for the federal government. We help our clients achieve their business and operational goals by solving complex problems through experience and intellect and build sustainable solutio ...
-
Consultant, Data Engineer
5 days ago
Nationwide Private Client Remote, United States Full timeIf you're passionate about innovation and love working in an environment where you can constantly improve and adopt new technologies to drive business results, then Nationwide's Information Technology team could be the place for you At Nationwide, "on your side" goes beyond just ...
-
ED Software
1 day ago
Numotion Remote, United StatesInformation Technology · Remote, United States · • ID: · • Full-Time/Regular · By joining Numotion, you will be a part of the nation's leading provider of Complex Rehabilitation Technology. Numotion is helping thousands of people with individually configured, medically necessa ...
-
Web Applications Software Engineer III
3 weeks ago
Technergetics Remote, United States Full timePosition: Web Application Software Engineer III · Beware of fraudulent job offers and postings · Technergetics will never extend an offer of employment without a thorough interview process involving face to face interviews either in-person or a virtual Teams meeting from an offic ...
-
Cloud Engineer
2 weeks ago
CNA Remote, United States Full timeYou have a clear vision of where your career can go. And we have the leadership to help you get there. At CNA, we strive to create a culture in which people know they matter and are part of something important, ensuring the abilities of all employees are used to their fullest pot ...
-
Principal Engineer, Govern
1 day ago
GitLab Remote, United States Full time· The GitLab DevSecOps platform empowers 100,000+ organizations to deliver software faster and more efficiently. We are one of the world's largest all-remote companies with 2,000+ team members and values that foster a culture where people embrace the belief that everyone can con ...
-
AI / ML Intern
2 weeks ago
Leidos Remote, United StatesDescription · At Leidos, we are driven by innovation. We believe that by applying the highest standards of business ethics and visionary thinking, we can achieve everything and so can you as a Leidos employee. Leidos values your skills, training, and experience. The Health and C ...
-
Cloud Agile Tooling Administrator
2 days ago
Leidos Remote, United StatesDescription · Cloud DevOps and Tooling Administrator – INTERN · The Leidos Partnership for Defense Health is seeking a passionate and detail-oriented intern as a Cloud DevOps and Tooling Administrator to work REMOTELY and support its $4.6B single award DHMSM IDIQ contract, known ...
-
Senior Customer Success Manager
3 weeks ago
Chainguard Remote, United States Full time· Open Source has taken over the world of software development. However, the largest trade off still persists, security. Companies spend an enormous amount of time and resources patching and fortifying open source software in order to ship with confidence & compliance. · Founde ...
-
Senior Technical Recruiter
3 weeks ago
Hypergiant Remote, United States CONTRACTPlease note: This is a 6 month W2 contract role. Only US-based candidates will be considered. · Who we are: At Hypergiant, our work is driven by individuals pushing the boundary and always professionally challenging our clients to think differently. We're seeking individuals who ...
-
Product Security Engineer III
9 hours ago
MINDBODY Remote, United States Full time· We're revolutionizing the fitness & wellness industry, and we're looking for talented people to help us do it. Mindbody + ClassPass bring together the best of both sides of the market: Mindbody is the industry's most trusted all-in-one technology platform; ClassPass is one of ...
-
Staff AppSec Engineer
2 weeks ago
Voltron Data Remote, United States Full timeStaff AppSec Engineer · As a Staff AppSec Engineer, you'll be able to protect and secure the Voltron Data and Apache Arrow ecosystems. You'll be working with our developers to identify and remediate application vulnerabilities. We are looking for a SecOps engineer who does not wo ...
-
UI/UX Designer, Cybersecurity
3 weeks ago
Second Front Systems Remote, United States Full timeABOUT THE ROLE · Second Front Systems (2F) is seeking a motivated UI/UX Designer to support our team. We are a fast-growing entrepreneurial team working at the convergence of technology and national security. · We're on the lookout for a dynamic UI/UX Designer to join our expand ...
Security Engineer, DevSecOps - Remote, United States - Coalfire
Description
About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients' toughest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world.
But that's not who we are – that's just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
And we're growing fast.
We're looking for a Security Engineer to support our Product team.
Position Summary
The Security Engineer – DevSecOps position will provide security leadership within our product engineering teams. This resource will coordinate security requirements and standards throughout the product lifecycle by working closely with Engineering Development Operations to manage the vulnerabilities, cryptography, security monitoring, and risk management controls within our application-based products.
What You'll Do
What You'll Bring
Bonus Points
Why You'll Want to Join Us
At Coalfire, you'll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you'll work most effectively – whether you're at home or an office.
Regardless of location, you'll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You'll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you'll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
At Coalfire, equal opportunity and pay equity is integral to the way we do business. A reasonable estimate of the compensation range for this role is $78,000 to $135,000 based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
#LI-REMOTE
#LI-HJ1