Sr. Full Stack Software Engineer, DevSecOps

  • Odesus,
  • Rancho Park, CA
  • 1 week ago
DevSecOps, full stack, Automation, DevOps, Python, SecOps, Security, SWE
Full Time
Depends on Experience
Work from home available

Job Description

Large enterprise entertainment and media corporation in West Los Angeles is seeking Sr. Software Engineer, Security Automation & Operations for their security operations platform to elevate their SOC workflows, tooling, detections and mitigation techniques. 

The SWE will be automating security functions with the product team. Looking for a strong full-stack SWE, with experience in AWS. This position is in LA and does not need to have any security experience.

A SNAPSHOT OF YOUR RESPONSIBILITIES

  • Develop novel services and applications to automate the workflows of the security operations team
  • Contribute to the development of a custom Security Orchestration, Automation and Response (SOAR) framework to automate the SOC workflow of the SecOps team, which includes alert triaging, ticketing, reporting, paging, and mitigation
  • Develop automation tools for incident response, which includes automated containment and mitigation of threats; enhance our detection and investigation capabilities with threat correlations and intelligence, and integrate situational awareness of system intrusions
  • Apply knowledge of monitoring and analyzing events to develop clever, efficient methods and technology to triage all the various incident types and to weaponize our threat hunting capabilities
  • Contribute to the development/deployment of deception technology (e.g. honeypots, honey hashes) across both enterprise and cloud environments
  • Work closely with operations teams to develop and integrate custom playbooks, use cases and workflows that will be adopted across the SecOps team and the entire organization
  • Build novel bastian boxes with MFA; design and build secure images and other secure infrastructure components
  • Work with other developers on the InfoSec team on a variety of security automation projects (e.g. code analysis, vulnerability triaging, etc.)
  • Work with engineers across all businesses to secure CI/CD pipelines and cloud environments
  • Evaluate cutting edge security technologies, create proof-of-concepts and drive them towards adoption
  • Develop schemes and technology to secure and monitor new technologies as we adopt them
  • Be a primary point of contact between the information security team and other engineers in the company
  • Mentor software engineers by providing coaching and educational opportunities

 

WHAT YOU WILL NEED

  • 7-10+ years of experience
  • Highly proficient developer in Python, JavaScript and GO as well as in multiple scripting languages (e.g. bash, PowerShell, etc.) with experience on API development and integration
  • Strong experience using Amazon Web Services (AWS); ECS, Lambda, API Gateway, Step-Functions, RDS, etc.
  • Experience developing utilizing modern application development frameworks (Node, AngularJS, or React)
  • Experience with IDP technologies; OAuth, SAML and other identity frameworks
  • Experience with SQL and NoSQL databases
  • Experience in application security and development best practices
  • Experience with developing models and queries against large datasets
  • Familiarity with DevOps practices, including CI/CD pipelines and tooling (e.g. Jenkins).
  • Ability to develop in an Agile (SCRUM, Kanban) environment
  • Demonstrated experience delivering product features
  • Strong understanding of software design/architecture and tradeoffs
  • Familiarity with containers, micro-services, and related ecosystem
  • Good understanding of the Software Development Life Cycle

 

NICE TO HAVE, BUT NOT A DEAL BREAKER

  • BS or MS in Computer Science or equivalent experience
  • AWS Certifications (e.g. AWS Certified Developer Associate, AWS SysOps Administrator, AWS Certified Solutions Architect, AWS Certified Security Specialty, AWS Advanced Networking Specialty)
  • Previous experience with cyber security: SIEM, IPS/IDS, HIDS/NIDS, Networking, WAFs, Edge/endpoint security, DNS security, Cryptography, layered security, defense in depth practices

ABOUT YOU

 

  • A curious software engineer who has been bitten by the security bug with experience creating high-quality production-grade services
  • Believe any process that is repeated may be a candidate for automation
  • A cloud fanatic ready to build security workflows with Step Functions, Lambda, and API gateway
  • Interested in exploring how Machine Learning can be utilized to enhance security
  • Have a knack for simplifying processes and low friction security
  • Strong ability to learn and research new things, including tools, languages, frameworks, etc.
  • Excellent verbal and written communication skills including the ability to author and present materials ranging from detailed technical specifications to a high-level audience and training
  • Provide mentorship and guidance to internal teams
  • Collaborative mindset that thrives in fast-paced environments
  • You’re able to work with application teams to provide technical solutions for security best practices - you’re passionate about shifting security “left” in the SD
Dice Id : 10106335
Position Id : JG12201
Originally Posted : 2 months ago
Have a Job? Post it