IT DEVSECOPS ENGINEER

Overview :

SHRSS (Seminole Hard Rock Support Services) is seeking a highly motivated and skilled DevSecOps Engineer. This role will be responsible for managing our application security scanning toolset, influenc ing strategy, building, and maintain ing integrations with our CI / CD pipelines , and providing security guidance to our engineering community .

You will take part in design and code reviews and offer direction to ensure that our organization is proactively managing risk.

This individual will actively collaborate with Vulnerability Management , DevOps, Penetration Testing, and remediation stakeholders to provide SME guidance and support.

Our team is growing, and we are looking for somebody with a mindset to help our programs continue to evolve.

Responsibilities : Responsibilities

Responsibilities

• Evaluate and analyze threat s , vulnerabilit ies , impact, and risk of security issues
• Support SAST , SCA and DAST scanning technologies
• Liaise with DevOps to build integrations between our scanners and the CI / CD pipelines
• Drive our shift-left strategy
• Provide SME support and remediation guidance to our stakeholders
• Develop and design DevSecOps metrics, policies, processes, and procedures
• Consult on DevSecOps requirements from diverse application / line of business partners

Qualifications : Basic :

Basic :

• 3-5 years of experience in an application security
• Experience performing secure code reviews , and web and mobile application security tes ting
• Experience with secure development, coding, and engineering practices
• Experience with OWASP Top 10 and emerging attack vectors
• Experience with SAST, DAST and SCA tools
• Experience with infrastructure as code and infrastructure testing strategies
• Working knowledge of Windows, Unix / Linux, Mac OS X, Android, iOS, etc.
• Software development experience in one or more programming languages (e.g., Java, C#, JavaScript, Python , PowerShell, B ash , Groovy )
• Knowledge of scripting to support the automation and continuous improvement of processes
• Thorough knowledge of networking technologies, OSI network layers, and TCP / IP
• Knowledge of DevSecOps pipeline, Agile methodology , container security, APIs, and microservices
• Excellent communication and collaboration skills

Preferred :

• Bachelors degree or higher in information security , equivalent demonstrated work experience and industry standard certifications
• Prior experience working on a DevSecOps role
• Information security certifications ( e.g., OSCP, OSWA, GPEN, GWAPT, eCPPT , eWPT , CEH, CISSP , CSSLP )
• Cloud security experience in one or more of the following ( Azure , AWS or GCP)
• Experience with CSPM tools ( e.g. Wiz, Orca, Prisma Cloud)
• Experience in the Casino Gaming industry

IndeedSHRSS

LI-Hybrid

zipcorporate