Overview :
SHRSS (Seminole Hard Rock Support Services) is seeking a highly motivated and skilled DevSecOps Engineer. This role will be responsible for managing our application security scanning toolset, influenc ing strategy, building, and maintain ing integrations with our CI / CD pipelines , and providing security guidance to our engineering community .
You will take part in design and code reviews and offer direction to ensure that our organization is proactively managing risk.
This individual will actively collaborate with Vulnerability Management , DevOps, Penetration Testing, and remediation stakeholders to provide SME guidance and support.
Our team is growing, and we are looking for somebody with a mindset to help our programs continue to evolve.
Responsibilities : Responsibilities
Responsibilities
- Evaluate and analyze threat s , vulnerabilit ies , impact, and risk of security issues
- Support SAST , SCA and DAST scanning technologies
- Liaise with DevOps to build integrations between our scanners and the CI / CD pipelines
- Drive our shift-left strategy
- Provide SME support and remediation guidance to our stakeholders
- Develop and design DevSecOps metrics, policies, processes, and procedures
- Consult on DevSecOps requirements from diverse application / line of business partners
Qualifications : Basic :
Basic :
- 3-5 years of experience in an application security
- Experience performing secure code reviews , and web and mobile application security tes ting
- Experience with secure development, coding, and engineering practices
- Experience with OWASP Top 10 and emerging attack vectors
- Experience with SAST, DAST and SCA tools
- Experience with infrastructure as code and infrastructure testing strategies
- Working knowledge of Windows, Unix / Linux, Mac OS X, Android, iOS, etc.
- Software development experience in one or more programming languages (e.g., Java, C#, JavaScript, Python , PowerShell, B ash , Groovy )
- Knowledge of scripting to support the automation and continuous improvement of processes
- Thorough knowledge of networking technologies, OSI network layers, and TCP / IP
- Knowledge of DevSecOps pipeline, Agile methodology , container security, APIs, and microservices
- Excellent communication and collaboration skills
Preferred :
- Bachelors degree or higher in information security , equivalent demonstrated work experience and industry standard certifications
- Prior experience working on a DevSecOps role
- Information security certifications ( e.g., OSCP, OSWA, GPEN, GWAPT, eCPPT , eWPT , CEH, CISSP , CSSLP )
- Cloud security experience in one or more of the following ( Azure , AWS or GCP)
- Experience with CSPM tools ( e.g. Wiz, Orca, Prisma Cloud)
- Experience in the Casino Gaming industry
IndeedSHRSS
LI-Hybrid
zipcorporate