DevOps Engineer - Des Moines, IA Locals only - W2 (NO C2C) - Posted by tauqeer

Overview:

We're seeking a DevSecOps Engineer to embed security into every stage of our software development lifecycle. In this role, you'll bridge the gap between development, operations, and security, automating security controls, and fostering a security-first culture. You'll work closely with development teams to identify and remediate vulnerabilities, ensuring our applications and infrastructure are secure from design to deployment.

• Embed security tools and processes into CI/CD pipelines.
• Implement automated security testing (SAST, DAST, SCA) and manage vulnerabilities.
• Work with development teams to enforce secure coding practices.
• Create Infrastructure-as-Code (IaC) using tools like Terraform or CloudFormation with embedded security controls.
• Provide guidance on security best practices and emerging threats.
• Participate in security reviews of application designs and architecture, offering recommendations for secure design patterns and threat modeling.
• Ensure security testing is part of both functional and non-functional testing.
• Develop and implement security measures within CI/CD pipelines for engineers.
• Utilize tools like AppScan and GitHub Advanced Security to build comprehensive security scans and coverage.

• Strong understanding of DevOps principles and practices.
• Experience with cloud platforms (AWS, Azure, Google Cloud Platform) and containerization (Docker, Kubernetes).
• Experience with GitHub (CoPilot, Enterprise, Advanced Engineering), Sailpoint IIQ, MS EntraID, and Azure DevOps (ADO).
• Proficiency in scripting languages (Python, Typescript, Bash, etc.).
• Familiarity with security frameworks and compliance standards.
• Excellent communication and collaboration abilities.