Sr DevSecOps Engineer

Bring your best! What this role needs:

• Passionate about security
• A team player who enjoys collaborating with cross-functional teams
• A great communicator (written and verbal) with an ability to articulate complex topics in a clear and concise manner
• Employs a flexible and constructive approach when solving problems
• Proficient with development and scripting languages, Python and JavaScript preferred
• Strong knowledge of data security principles, encryption techniques, access controls, and secure coding practices
• Experienced with infrastructure-as-code concepts and tooling, including Terraform and YAML
• Continuously looking for opportunities to improve our processes and capabilities
• Experienced working with application and engineering teams
• A self-directed individual contributor

What you'll get to do:

• Engineer solutions with a focus on automation to reduce manual and repetitive tasks
• Guide and advise application and engineering teams in the area of Data Security
• Manage day-to-day support of Data Security tools integrated into our on-premise and cloud database environments (relational & NoSQL)
• Manage technical support of Data Security capabilities and respond to service and escalation tickets within service-level agreements
• Design, implement, and maintain procedures, processes, and methodologies that support DevSecOps capabilities
• Actively monitor, assess, and recommend tactical and strategic initiatives based on new and emerging threats posing risk to our company
• Stay apprised of current and proposed security changes impacting regulatory, privacy, and security industry best practices
• Manage remediation efforts after security assessment findings outline weaknesses requiring attention
• Mentor other staff members to ensure consistency, quality and productivity of deliverables

Further impress us with:

• Bachelor's or equivalent experience with an emphasis in computer science, computer engineering, software engineering, or an MIS related field
• 5+ years of experience in cloud and on-prem technologies (systems administration of Unix/Linux/Windows, AWS PaaS databases, database activity monitoring, DSPM tools)
• 5+ years of experience in development, infrastructure, or cybersecurity
• Understanding of applicable risk management frameworks from NIST and Data Security Maturity Model
• Experience with CICD pipelines to automate application and infrastructure code deployments
• Experience with workload orchestration platforms such as Kubernetes
• Understanding of a wide-range of cybersecurity capabilities including data security, security engineering, identity and access management, incident response, logging and monitoring, and penetration testing
• Relevant certifications from GIAC, ISC(2), ISACA, and other recognized cybersecurity industry organizations

Compensation Range:

Pay Range - Start:
$102,060.00

Pay Range - End:
$189,540.00

Geographic Specific Pay Structure:

Structure 110:
$112,280.00 USD - $208,520.00 USD

Structure 115:

$117,390.00 USD - $218,010.00 USD

We believe in fairness and transparency. It's why we share the salary range for most of our roles. However, final salaries are based on a number of factors, including the skills and experience of the candidate; the current market; location of the candidate; and other factors uncovered in the hiring process. The standard pay structure is listed but if you're living in California, New York City or other eligible location, geographic specific pay structures, compensation and benefits could be applicable, click here to learn more.

Grow your career with a best-in-class company that puts our clients' interests at the center of all we do. Get started now!

Northwestern Mutual is an equal opportunity employer who welcomes and encourages diversity in the workforce. We are committed to creating and maintaining an environment in which each employee can contribute creative ideas, seek challenges, assume leadership and continue to focus on meeting and exceeding business and personal objectives.