Devops Security Engineer

What you ’ll do

• Collaborate with the DevOps team to design, implement, and manage a robust DevSecOps framework for our software development pipeline, integrating security tools and processes into our CI / CD workflows to enhance the developer experience
• Champion a security-first mindset within the development team, promoting secure coding practices and providing guidance on secure development methodologies
• Create security focused DevSecOps policies and standards and provide training and awareness to the development team
• Develop Key Risk Indicators (KRIs) to track security posture across business lines, measure progress and identify outliers
• Implement and manage security testing tools and processes within the CI / CD pipeline, including static application security testing (SAST), dynamic application security testing (DAST), software composition analysis (SCA), and open source security (OSS)
• Work together with the DevOps team to automate security controls and compliance checks within the development pipeline, ensuring adherence to industry best practices and regulatory requirements
• Troubleshoot and resolve security issues throughout the software development lifecycle
• Stay abreast of emerging security threats, vulnerabilities, and DevSecOps best practices to continuously improve our security posture

What’s required

• 7-10 years of experience in software development, DevOps, or security engineering, with a strong focus on DevSecOps practices
• Expertise in CI / CD tools such as GitHub, Jenkins, GitLab CI / CD, Azure DevOps, or similar
• Proficiency in infrastructure-as-code tools like Terraform or CloudFormation
• Strong scripting and automation skills using Python, Bash, or similar languages
• Experience with security testing tools such as SonarQube, SNYK, Nessus, Qualys, or similar
• Familiarity with containerization technologies like Docker and Kubernetes
• Knowledge of security best practices for cloud environments (AWS, Azure, GCP)
• Understanding of security frameworks and compliance standards such as NIST CSF, ISO 27001, SOC 2
• Excellent communication and collaboration skills, with the ability to work effectively in a fast-paced, agile environment
• Strong problem-solving skills and a passion for continuous improvement in security practices
• Commitment to the highest ethical standards

We take care of our people

We invest in our people, their careers, their health, and their well-being. When you work here, we provide :

• Fully-paid health care benefits
• Generous parental and family leave policies
• Mental and physical wellness programs
• Volunteer opportunities
• Non-profit matching gift program
• Support for employee-led affinity groups representing women, minorities and the LGBT+ community
• Tuition assistance
• A 401(k) savings program with an employer match and more

About Point72

Point72 Asset Management is a global firm led by Steven Cohen that invests in multiple asset classes and strategies worldwide.

Resting on more than a quarter-century of investing experience, we seek to be the industry’s premier asset manager through delivering superior risk-adjusted returns, adhering to the highest ethical standards, and offering the greatest opportunities to the industry’s brightest talent. t

The annual base salary range for this role is $220,000-$260,000 (USD) , which does not include discretionary bonus compensation or our comprehensive benefits package.

Actual compensation offered to the successful candidate may vary from posted hiring range based upon geographic location, work experience, education, and / or skill level, among other things.