- In your first 30 days... (i) Understanding of what we do and how we do it; (ii) Review current state of affairs on security; (iii) Understanding of gaps in security for SOC2 and other relevant frameworks
- In your first 60 days...(i) Taking ownership of SOC2 compliance (ii) Begin setting up best practices
- In your first 90 days... (i) Complete ownership of everything security (ii) Becoming the default escalation point for all security matters
- Design, build and implement enterprise-class security systems with engineering
- Lead planning, implementation, and testing of security systems, policies, procedures and standards
- Wear multiple hats as DevOps/SRE working with engineers (onshore and offshore) as needed
- Provide advice and assistance to management concerning information security, privacy, and related matters
- Proactively identify, assess, manage, and mitigate potential threats to security
- Ensure that security policies and directives are consistently applied
- Evaluate information security systems, methods, and practices
- Develop and implement programs for employee security awareness
- Architect cloud security solutions using the AWS ecosystem
- Lead secure software development discussions with clients and their infosec teams/questionnaires
- Ensure data on our information system is protected to prevent unauthorized access
- Design solutions that balance security and business requirements
- Lead technical teams through the investigation, RCA, remediation and documentation of security incidents
- Effectively work with engineers, product managers, and other stakeholders. Collaboration is the name of the game
- Act as a point of escalation to individual contributors and our leadership team
- Deliver dashboards and reports to a wide audience demonstrating our current program state and adherence to framework standards
- Provide guidance on data privacy regulations, including NIST standards, GDPR, CCPA, and others while implementing processes to ensure effective data protection controls
- Stay current with industry trends, attacks, mitigation measures, and application security standards
- Respond to client and vendor security assessments
- Train engineering teams and others at Knotch on security best practices
- 5+ years prior DevOps, SRE or security engineering experience in a SaaS/PaaS/IaaS environment
- A history of developing policies, standards, and best practices that you've developed from ground up in collaboration with other engineering, product and legal team members
- A self-starter mentality with the ability to lead and work with cross-functional teams
- Communication skills, empathy and expertise to instill confidence with external clients on data privacy and systems security
- A pragmatic approach to balancing security, user, and business requirements
- Knowledge of industry standard control frameworks (e.g. NIST, SOC2 etc.)
- Knowledge of what it takes to be GDPR/CCPA/SOC2 compliant
- The mindset to work in a dynamic, fast paced environment, prioritizing and delivering on evolving timelines
- Dependability traits and show a sense of urgency about getting results
- Excellent documentation skills and a care for tracking context and purpose
- Relevant certifications (e.g. CISSP, CISM, CCSP)
-
Sr. DevSecOps Engineer
2 weeks ago
Yurts Remote, United States Full timeCompany Overview: · At Yurts, we are committed to pushing the boundaries of artificial intelligence and driving innovation in enterprise solutions. Yurts makes AI practical for any enterprise by leveraging Large Language Models (LLMs) and the practical power of GenAI applications ...
-
Security Engineer, DevSecOps
3 weeks ago
Coalfire Remote, United States Full timeAbout Coalfire · Coalfire is on a mission to make the world a safer place by solving our clients' toughest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity lands ...
-
DevSecOps Engineer-6512
1 week ago
Widenet Consulting Remote, United StatesCompensation and Benefits · Pay range of $80/hr to $90/hr DOE. · Health & Medical Benefits, 401K, Employee Assistance Program, and Sick Time applicable by state. · Role Summary · The Sr Security Engineer is a subject matter expert for cloud platform security. This role exerci ...
-
Empower AI Inc. Remote, United StatesOverview: Empower AI is AI for government. Empower AI gives federal agency leaders the tools to elevate the potential of their workforce with a direct path for meaningful transformation. Headquartered in Reston, Va., Empower AI leverages three decades of experience solving compl ...
-
Mid-level DevSecOps Engineer
4 days ago
SD Solutions LLC Myrtle Point, United StatesJob Description · Job DescriptionJob Description · Opportunity: Mid-level DevSecOps Engineer (Remote) · Employment Type: Full-time, W2 employment; Exempt, salaried; Eligible for paid benefits · Corporate Overview · SD Solutions, LLC is a fast-growing professional services company ...
-
2024-7668
1 week ago
Empower AI Inc. Remote, United StatesEmpower AI is AI for government. Empower AI gives federal agency leaders the tools to elevate the potential of their workforce with a direct path for meaningful transformation. Headquartered in Reston, Va., Empower AI leverages three decades of experience solving complex challeng ...
-
Software Architect – AI/ML
1 week ago
CGI Remote, United States Full timePosition Description: · CGI is one of the largest global IT companies, spread across 40 countries with endless opportunities to expand and grow. As a CGI Federal member, you have the opportunity to be a shareholder at CGI and join a family of 77, members. · CGI Federal is hirin ...
-
ED Software
1 week ago
Numotion Remote, United StatesInformation Technology · Remote, United States · • ID: · • Full-Time/Regular · By joining Numotion, you will be a part of the nation's leading provider of Complex Rehabilitation Technology. Numotion is helping thousands of people with individually configured, medically necessa ...
-
Cloud Engineer
4 weeks ago
CNA Remote, United States Full timeYou have a clear vision of where your career can go. And we have the leadership to help you get there. At CNA, we strive to create a culture in which people know they matter and are part of something important, ensuring the abilities of all employees are used to their fullest pot ...
-
Principal Engineer, Govern
1 week ago
GitLab Remote, United States Full time· The GitLab DevSecOps platform empowers 100,000+ organizations to deliver software faster and more efficiently. We are one of the world's largest all-remote companies with 2,000+ team members and values that foster a culture where people embrace the belief that everyone can con ...
-
Cloud Agile Tooling Administrator
1 week ago
Leidos Remote, United StatesDescription · Cloud DevOps and Tooling Administrator – INTERN · The Leidos Partnership for Defense Health is seeking a passionate and detail-oriented intern as a Cloud DevOps and Tooling Administrator to work REMOTELY and support its $4.6B single award DHMSM IDIQ contract, known ...
-
Security Engineer
3 days ago
Applied Systems Remote, United States Full timeJob Description · Applied Systems, Inc., a worldwide leader in insurance technology, is currently searching for a Security Engineer to join our Office of Information Security (OSI) team. As members of OIS, Security Engineer works closely with application and infrastructure engine ...
-
Staff Information Security Engineer
1 week ago
InMarket Remote, United States Full timeTitle: Staff Information Security Engineer · Location: Remote - US ONLY · About inMarket · Since 2010, InMarket has been the leader in 360-degree consumer intelligence and real-time activation for thousands of today's top brands. Through InMarket's data-driven marketing platform ...
-
Product Security Engineer III
1 week ago
MINDBODY Remote, United States Full time· We're revolutionizing the fitness & wellness industry, and we're looking for talented people to help us do it. Mindbody + ClassPass bring together the best of both sides of the market: Mindbody is the industry's most trusted all-in-one technology platform; ClassPass is one of ...
-
Staff AppSec Engineer
3 weeks ago
Voltron Data Remote, United States Full timeStaff AppSec Engineer · As a Staff AppSec Engineer, you'll be able to protect and secure the Voltron Data and Apache Arrow ecosystems. You'll be working with our developers to identify and remediate application vulnerabilities. We are looking for a SecOps engineer who does not wo ...
-
Federal Proposal Technical Writer
2 weeks ago
Makpar Remote, United States Full timeWho we are: · Makpar is a team of innovators and consultants deploying cutting edge technologies for the federal government. We help our clients achieve their business and operational goals by solving complex problems through experience and intellect and build sustainable solutio ...
-
Software Engineer I
5 days ago
Technergetics Remote, United States Full timePosition: Software Engineer I · Beware of fraudulent job offers and postings · Technergetics will never extend an offer of employment without a thorough interview process involving face to face interviews either in-person or a virtual Teams meeting from an official Technergetics ...
-
Java Developer, Senior
1 week ago
NT Concepts Remote, United States Full timeWe are seeking a Senior Java Developer to join our team. Working at NT Concepts means that you are part of an innovative, agile company dedicated to solving the most critical challenges in National Security. We're looking for the best and the brightest to join us in supporting th ...
-
Staff Security Architect
2 weeks ago
Collectors Remote, United States Full timeCollectors is the leading creator of innovative technology that provides value-added services for collectors worldwide. We grade, authenticate, vault and sell millions of record-setting collectibles, all while modernizing and digitalizing the process to further our mission of hel ...
-
Senior Software Engineer
1 week ago
Rise8 Remote, United States Full timeYour Dream. Our Team.About Rise8 · We're transforming the United States Government and we know that takes a dream team. · We believe customer experience starts with employee experience, so we take care of our employees. We offer competitive pay and benefits, invest in employee g ...
DevSecOps Engineer - Remote, United States - Knotch
3 weeks ago
Description
About Knotch
Knotch is a Content Intelligence Platform that enables brands to drive business growth through content. We build products for people who use content to drive performance. We also offer Strategic Consulting services which enable brands to achieve new levels of efficiency and effectiveness through ongoing and ad hoc support. Knotch gives marketers a holistic view of content's performance and provides insights and actions that drive performance and increase efficiency.
As our DevSecOps Engineer you'll be a key individual contributor with a focus on our Application, Infrastructure, and Data Security/Privacy efforts. You will bring a wide range of experience in the security domains of Security Operations, Risk, Compliance and Identity Management and the tools and philosophical approaches associated with each. You will be a subject matter expert on all aspects of development, operations and security. You will also act as a change agent within the department and company by continually implementing industry standards and best practices across teams. You'd best contribute to security architecture and business strategic planning by providing objective feedback, insight, and recommendations for Knotch. You'd also be responsible for leading investigations for incident response and reviewing system logs.
Your first 90 days
How you will add value at Knotch
You will successful if you bring:
Bonus points if you have:
Benefits & Perks:
Benefits include medical, dental and vision insurance eligibility, a 401(k) plan, unlimited PTO plus 10+ company-paid holidays, a daily company break, and a wellness allowance, just to name a few
Equal Opportunity Employer:
Knotch is an equal opportunity employer. We strive to provide equal opportunities in all of our processes, including our hiring and employee experience. We pride ourselves on our three values: transparency, relentlessness, and inclusiveness. We commit to daily work towards leading with empathy, reducing bias through periodic training, and engaging with and uplifting communities of marginalized groups. We condemn all forms of racism and discrimination on the basis of race, religion, ethnicity, nationality, gender identity, sexual orientation, age, marital status, pregnancy or parenthood status, veteran status, disability status or any other identifier. We encourage all employees, clients, investors, candidates, vendors, and friends of Knotch to show up as their authentic self and deliver honest feedback (directly or anonymously) so that we may always seek to improve as an organization that is dedicated to diversity, equity, inclusion, and belonging. Share your thoughts with us, and you will be heard.
