DevSecOps Engineer - Chicago, United States - The University of Chicago

The University of Chicago Chicago, United States

1 day ago

Description

Department

BSD CTD DevSecOps
About the Department

The Center for Translational Data Science (CTDS) at the University of Chicago is a research center whose mission is to develop the discipline of translational data science to impactful problems in biology, medicine, healthcare, and the environment.

We envision a world in which researchers have ready access to the data needed and the tools required to make data driven discoveries that increase our scientific knowledge and improve the quality of life.

We architect ecosystems of largescale commons of research data, computing resources, applications, tools, and services for the broader research community to use data at scale to pursue scientific inquiry and accelerate discovery. Learn more at

,

,

,

and

Job Summary

As a DevSecOps Engineer on our team, you'll use your development experience to streamline our secure software development life cycle, security automation and orchestration, and incident response from requirements to monitoring in production You'll incorporate opensource tools, automation, and Cloud resources to cut down on tedious, monotonous tasks and free up the teams to do what they do best innovate.

This atwill position is wholly or partially funded by contractual grant funding which is renewed under provisions set by the grantor of the contract. Employment will be contingent upon the continued receipt of these grant funds and satisfactory job performance.

Responsibilities

Evaluate and analyze threat, vulnerability, impact, and risk of security issues discovered from various DevSecOps tools such as Static Application Security Testing (SAST), Software Composition Analysis (SCA), Interactive Application Security Testing (IAST), Dynamic Application Security Testing (DAST) and Container Security platform.

Advise and collaborate with DevOps teams, developers, application, and project teams on the security issues, including explanation of the technical details and how they can remediate the vulnerabilities in their applications.

Develop and design DevSecOps metrics, policies, processes, and procedures.

Provide training to developers and other stakeholders on the usage of the tools.

Assist with implementing and designing automated security checks and additional security tools within the CI/CD pipelines.

Conduct POCs and work with vendors for DevSecOps tools to achieve security automation and efficiency.

Effectively communicate and manage expectations of various stakeholders.

Keep abreast of the latest industry trends in security and DevSecOps processes and make continuous recommendations for improvement.

Assist in maintaining FedRamp Moderate and FISMA Moderate compliance.

Investigates, analyzes and resolves daytoday technical problems using standard procedures.

Works with stakeholders to gather and analyze requirements for developmental programs. Receives a moderate level of guidance to design applications to meet University and business requirements.

Performs code testing on components and works to ensure that appropriate implementation standards are met. Evaluates design alternatives for development cost and solutions using various methods.

Supports and maintains existing applications. Works with developers and responds to requests from users.

Performs other related work as needed.

Minimum Qualifications

Education:
Minimum requirements include a college or university degree in related field.
Work

Experience:
Minimum requirements include knowledge and skills developed through 57 years of work experience in a related job discipline.

Certifications:Preferred Qualifications

Education:
A recognized university degree in Computer Science, Computer/Electrical Engineering, Information Technology or equivalent.

Experience:

2+ years of experience developing infrastructure, system configuration and/or deployment automation, for one or more cloud platforms including OpenStack, AWS, GCP, and Azure.

Sound technical background of working with SAST, SCA, DAST, IAST and other vulnerability scanning tools.

Prior experience in performing secure code reviews, web application penetration tests.

Solid understanding of full DevSecOps pipeline, Agile methodology, container security, APIs and microservices.

Capable of working with various CI/CD tools.

Analytical thinker with excellent communication skills.

Familiarity of NIST 80053, FedRAMP, FISMA, HIPPA and other

regulatory/industries

requirements.

Experience with Palo XSOAR.

Licenses and

Certifications:
GWAPT, CEH, OSCP, CISSP etc.

Preferred Competencies
Ability to promptly respond to, triage and resolve production incidents and events.

Ability to prioritize and manage workload to meet critical project milestones and deadlines.

Ability to weigh business needs against security concern.

Ability to conceptualize a course of action and to organize for the successful completion of that action is critical, often under tight deadlines.

Ability to present information in a consistent and concise manner.

Proficient understanding of programming languages.

Knowledge in scripting to support the automation and continuous improvement of processes.

Knowledge of Python for use and development of a Security Orchestration, Automation, and Response platform.

Knowledge in build/release tools and methodologies in CI/CD pipelines, including Argo and Helm.

Confidentiality related to sensitive matters such as strategic initiatives, trade secrets, quiet periods, and scientific discoveries yet to be put in the public domain.

Application Documents
Resume (required)

Cover Letter (preferred)

When applying, the document(s)

MUST
be uploaded via the

My Experience

page, in the section titled

Application Documents

of the application.

Job Family

Information Technology
Role Impact

Individual Contributor
FLSA Status

Exempt
Pay Frequency

Monthly
Scheduled

Weekly Hours

40
Benefits Eligible

Yes
Drug Test Required

No
Health Screen Required

No
Motor Vehicle Record Inquiry Required

No
Posting Statement

The University of Chicago is an Affirmative Action/Equal

Opportunity/Disabled/Veterans

and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender, gender identity, national or ethnic origin, age, status as an individual with a disability, military or veteran status, genetic information, or other protected classes under the law.

For additional information please see the

University's Notice of Nondiscrimination.
Staff Job seekers in need of a reasonable accommodation to complete the application process should call

or submit a request via Applicant Inquiry Form.

We seek a diverse pool of applicants who wish to join an academic community that places the highest value on rigorous inquiry and encourages a diversity of perspectives, experiences, groups of individuals, and ideas to inform and stimulate intellectual challenge, engagement, and exchange.

All offers of employment are contingent upon a background check that includes a review of conviction history.
A conviction does not automatically preclude University employment.
Rather, the University considers conviction information on a casebycase basis and assesses the nature of the offense, the circumstances surrounding it, the proximity in time of the conviction, and its relevance to the position.

The University of Chicago's Annual Security & Fire Safety Report (Report) provides information about University offices and programs that provide safety support, crime and fire statistics, emergency response and communications plans, and other policies and information.

The Report can be accessed online at:
. Paper copies of the Report are available, upon request, from the University of Chicago Police Department, 850 E. 61st Street, Chicago, IL

The University of Chicago is an urban research university that has driven new ways of thinking since 1890.

Our commitment to free and open inquiry draws inspired scholars to our global campuses, where ideas are born that challenge and change the world.

We empower individuals to challenge conventional thinking in pursuit of original ideas. Students in the College develop critical, analytic, and writing skills in our rigorous, interdisciplinary core curriculum.

Through graduate programs, students test their ideas with UChicago scholars, and become the next generation of leaders in academia, industry, nonprofits, and government.

#J18808Ljbffr

DevSecOps Engineer

3 weeks ago

Motion Recruitment Partners, LLC Chicago, United States

Job Title: DevSecOps Engineer · Location: Chicago, IL (Hybrid, MUST be in the Greater Chicago Area) · Job Description: · We are seeking a skilled and experienced DevSecOps Engineer to join our team. As a DevSecOps Engineer, you will play a vital role in ensuring the security, rel ...
DevSecOps Engineer

2 weeks ago

Adapt Forward Chicago, United States

DevSecOps Engineer · Remote · No Clearance Requirement · As a DevSecOps Engineer you will play an integral role in technical administration and production support team for an ongoing case management project. It requires strong technical ability and excellent communication skills ...
Senior DevSecOps Engineer

2 days ago

Beyond Finance, Inc. Chicago, United States Full time

At Beyond Finance, we've made it our mission to help everyday Americans escape the endless cycle of crippling debt and step into a brighter financial future. Through compassionate, individualized care,a culture focused on compliance and ethics, supportive user-centric technology, ...
Senior DevSecOps Engineer

2 weeks ago

Beyond Finance, Inc. Chicago, United States

At Beyond Finance, we've made it our mission to help everyday Americans escape the endless cycle of crippling debt and step into a brighter financial future. Through compassionate, individualized care,a culture focused on compliance and ethics, supportive user-centric technology, ...
Senior DevSecOps Platform Engineer

3 weeks ago

CIBC Chicago, United States

We're building a · relationship-oriented · bank for the modern world. We need talented, passionate professionals who are dedicated to doing what's right for our clients. · At CIBC, we embrace your strengths and your ambitions, so you are empowered at work. Our team members have ...
Cloud DevSecOps Engineer III

3 days ago

McDonald's Corporation Chicago, United States

Company Description · McDonald's evolving Accelerating the Arches growth strategy puts our customers and people first and demonstrates our competitive advantages to strengthen our brand. We are recognized on lists like Fortune's Most Admired Companies and Fast Company's Most Inn ...
Global DevSecOps Platform Director

2 weeks ago

McDonald's Chicago, United States Full time

This opportunity is part of the Global Technology Infrastructure & Operations team (GTIO), where our mission is to deliver modern and relevant technology that supports the way McDonald's works. We provide outstanding foundational technology products and services including Global ...
Global DevSecOps Platform Director

3 weeks ago

McDonald's Chicago, United States

McDonald's evolving Accelerating the Arches growth strategy puts our customers and people first and demonstrates our competitive advantages to strengthen our brand. We are recognized on lists like Fortune's Most Admired Companies and Fast Company's Most Innovative Companies. · Do ...
Software Development Engineer in Test

2 weeks ago

CNA Chicago, United States Full time

JOB DESCRIPTION · : As a Software Development Engineer in Test (SDET) at CNA, you are responsible for designing, developing, and executing comprehensive test plans ensuring our software applications are efficiently tested and delivered with the highest quality standards. In this ...
Software Engineering Practice Lead

2 weeks ago

Grainger Chicago, United States Full time

About Grainger: · Grainger is a leading broad line distributor with operations primarily in North America, Japan and the United Kingdom. We achieve our purpose, We Keep the World Working, by serving more than 4.5 million customers with a wide range of products that keep their op ...
Quality Engineering Manager

1 week ago

Federal Reserve System Chicago, United States Full time

Company · Federal Reserve Bank of Kansas CityFederal Reserve Financial Services (FRFS) delivers a suite of payments services to financial institutions via FedLine Solutions, Fedwire, National Settlement Service (NSS), FedCash, FedACH, and Check Services. We are currently leadin ...
Lead Solutions Architect/Azure Cloud Solutions Architect

2 weeks ago

Proviniti Chicago, United States

The Cloud Architect role requires someone with hands-on experience as an Architect and Developer. · Microsoft Certified: Azure Solutions Architect Expert (MUST) · Description: · The Transaction Processing and Settlements team is seeking a highly skilled and experienced Azure Clo ...
Lead Data Architect

1 week ago

Northern Trust Corporation Chicago, United States Full time

About Northern Trust: · Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. · Northern Trust is proud to provide innovative financial services and guidance to the world's most succ ...
Global Tech Infrastructure

2 weeks ago

McDonald's Chicago, United States

McDonald's evolving Accelerating the Arches growth strategy puts our customers and people first and demonstrates our competitive advantages to strengthen our brand. We are recognized on lists like Fortune's Most Admired Companies and Fast Company's Most Innovative Companies. · Do ...
Cloud DevOps Engineer I

2 weeks ago

McDonald's Corporation Chicago, United States

Company Description · McDonald's evolving Accelerating the Arches growth strategy puts our customers and people first, and leverages our competitive advantages to strengthen our brand. · We are recognized on lists like Fortune's Most Admired Companies and Fast Company's Most In ...
Linux Engineer

1 week ago

Diverse Lynx Chicago, United States

My name is Vivek and I'm a Account Manager at Diverse Lynx. We provide IT/Non IT/Healthcare Consulting Services to our customers immediate and long-term resource needs. I am contacting you either because your resume has been posted to one of the internet job sites to which we sub ...
Technical Architect

3 weeks ago

Highbrow Chicago, United States

Job Title: Technical Architect · Job ID: · Job Location: Chicago, IL · Job Travel Location(s): · # Positions: 1 · Employment Type: W2 · Candidate Constraints: · Duration:Long term · # of Layers: · Work Eligibility: · Key Technology:Architecture, Analysis, DevSecOps, Mai ...
Senior Manager

4 days ago

United Airlines Chicago, United States Full time

· There's never been a more exciting time to join United Airlines. We're on a path towards becoming the best airline in the history of aviation. Our shared purpose – Connecting People, Uniting the World – is about more than getting people from one place to another. It also means ...
Security Operations Engineer

21 hours ago

Cars Commerce Chicago, United States

About the role: · As a Security Operations Engineer, you will be responsible for ensuring the security of our software development and deployment processes while promoting a culture of security within our organization. You will collaborate closely with development, operations, a ...
Cloud Engineer

2 weeks ago

CNA Insurance Chicago, United States

You have a clear vision of where your career can go. And we have the leadership to help you get there. At CNA, we strive to create a culture in which people know they matter and are part of something important, ensuring the abilities of all employees are used to their fullest pot ...