Submit Your Resume

Upload File

Drop files here Or click here to upload the files

Is this not the right job for you? Create a job alert to be notified when a job that matches your criteria is posted.

This DevSecOps Architect will be responsible for overall design and direction of eCommerce Security Engineering across all of our applications. This role is critical in the development and on-going security posture for digital commerce applications. Accountable for identifying and implementing our security principles and best practices to maintain application security and address the impact of non-human HTTP traffic on both the performance and security of the application by applying blocks, rate limits, tarpits, or other remediation.

This role will focus on partnering with the Security Team on Vulnerability Scanning, will manage SSL certificates, assist with cloud architecture IAM needs, create processes for analyzing web traffic to identify patterns of abuse on the website, provide guidance and/or implement mitigation to address discovered abuse patterns using modern security tools, and work with developers and performance engineers to assist in securing the solution. As a subject matter expert, this role will leverage various monitoring tools to analyze the security posture of both systems & applications while working independently and collaboratively to address any issues discovered.

Through collaboration with software development and platform engineers, threat models will be reviewed and and corresponding mitigation policies will be applied. This role will be accountable to protect all external endpoints to the application stack and facilitate vulnerability scans/remediations.

Key Responsibities

  • Create, maintain, and support security configurations designed specifically for all customer-facing digital applications
  • Responsible for Web Application Security: Engineering, deployment, and operations of security policies with for web and security applications, frameworks and designs
  • Create automation for security implementations and workflow integrations, including API Security, Container Security, and Cloud Security
  • Responsible for Security Software Development: Scripting and Development in Terraform, Bash, Python, or other Shell scripting and development in other languages
  • Create and maintain advanced alerts, dashboards, and reports that appropriately monitor for web application attacks and assist with mitigation
  • Collaborate with key stakeholders within Security and Engineering teams to continuously improve the application’s security posture.
  • Collaborate with Business Directors, Managers, and Stakeholders to define expectations including needed security requirements
  • Assess and provide technical direction on future projects and needs
  • Create and present Solution Architecture designs that reflect security best practices
  • Provide accurate and thorough estimates of time and resources necessary to complete security efforts
  • Provide guidance to senior technology leadership
  • Take part in the full software development lifecycle (SDLC): design, development, testing, deployment, and maintaining
  • In all phases of the SDLC, able to engage and provide recommendations to experts of cross functional disciplines
  • Coach and mentor developers

Requirements

  • Four-year degree in Computer Science or an equivalent combination of course work and job experience
  • 10+ years of experience as a technical security engineer overseeing enterprise or retail level applications – preferably in an agile environment developing highly available software
  • 5+ years of experience in DevSecOps working with developers and engineering teams in a dynamic environment to promote/implement DevSecOps throughout the organization
  • Strong understanding of retail domain and ecommerce design ond operational processes
  • Experience developing and maintaining architecture-based documentation
  • Knowledge of open source and commercial application security tools and frameworks
  • Experience with modern security and defense mechanism applications
  • Experience in exploting web apps and providing guidance on web services security vulnerabilities: cross site scripting, cross site request forgery, SQL injection, DoS attacks, XML/SOAP, and API attacks
  • Expert knowledge of DDos techniques, OWASP risks, Vulnerabilities, and Mitigation Mechanisms
  • Proficiency in common network and web protocols
  • Experience working in cloud environments and understanding of cloud infrastructure (Google Cloud or Amazon)
  • Experience with automated continuous integration and continuous deployment software pipelines
  • Experience working with on-site and off-site development teams, coordinating work, expectations, and delivery

Critical Skills & Attributes

  • Possesses and demonstrates curiosity
  • Demonstrates excellent communication skills to both technical and non-technical personnel
  • Possess the art of negotiation to drive to end state needs
  • Ability to clearly articulate and drive alignment across mutliple teams and departments
  • Ability to create and describe project estimations with assumptions and risks
  • Ability to work in a fast-paced environment while managing multiple responsibilities
  • Willingness to learn new technologies
  • Executes with limited to no supervision; self-motivated and self-directed
FacebookTwitter
[gravityform id="7" title="false" description="false"]
<script type="text/javascript">var gform;gform||(document.addEventListener("gform_main_scripts_loaded",function(){gform.scriptsLoaded=!0}),window.addEventListener("DOMContentLoaded",function(){gform.domLoaded=!0}),gform={domLoaded:!1,scriptsLoaded:!1,initializeOnLoaded:function(o){gform.domLoaded&&gform.scriptsLoaded?o():!gform.domLoaded&&gform.scriptsLoaded?window.addEventListener("DOMContentLoaded",o):document.addEventListener("gform_main_scripts_loaded",o)},hooks:{action:{},filter:{}},addAction:function(o,n,r,t){gform.addHook("action",o,n,r,t)},addFilter:function(o,n,r,t){gform.addHook("filter",o,n,r,t)},doAction:function(o){gform.doHook("action",o,arguments)},applyFilters:function(o){return gform.doHook("filter",o,arguments)},removeAction:function(o,n){gform.removeHook("action",o,n)},removeFilter:function(o,n,r){gform.removeHook("filter",o,n,r)},addHook:function(o,n,r,t,i){null==gform.hooks[o][n]&&(gform.hooks[o][n]=[]);var e=gform.hooks[o][n];null==i&&(i=n+"_"+e.length),gform.hooks[o][n].push({tag:i,callable:r,priority:t=null==t?10:t})},doHook:function(n,o,r){var t;if(r=Array.prototype.slice.call(r,1),null!=gform.hooks[n][o]&&((o=gform.hooks[n][o]).sort(function(o,n){return o.priority-n.priority}),o.forEach(function(o){"function"!=typeof(t=o.callable)&&(t=window[t]),"action"==n?t.apply(null,r):r[0]=t.apply(null,r)})),"filter"==n)return r[0]},removeHook:function(o,n,t,i){var r;null!=gform.hooks[o][n]&&(r=(r=gform.hooks[o][n]).filter(function(o,n,r){return!!(null!=i&&i!=o.tag||null!=t&&t!=o.priority)}),gform.hooks[o][n]=r)}});</script> <div class='gf_browser_unknown gform_wrapper gform_legacy_markup_wrapper' id='gform_wrapper_7' ><form method='post' enctype='multipart/form-data' id='gform_7' action='/surf_jobs/devsecops-architect-columbus-oh-eebcfc73/' novalidate> <div class='gform_body gform-body'><ul id='gform_fields_7' class='gform_fields top_label form_sublabel_below description_below'><li id="field_7_7" class="gfield gfield_contains_required field_sublabel_below field_description_below gfield_visibility_visible" data-js-reload="field_7_7"><label class='gfield_label' for='input_7_7' >First name<span class="gfield_required"><span class="gfield_required gfield_required_asterisk">*</span></span></label><div class='ginput_container ginput_container_text'><input name='input_7' id='input_7_7' type='text' value='' class='large' aria-required="true" aria-invalid="false" /> </div></li><li id="field_7_8" class="gfield gfield_contains_required field_sublabel_below field_description_below gfield_visibility_visible" data-js-reload="field_7_8"><label class='gfield_label' for='input_7_8' >Last name<span class="gfield_required"><span class="gfield_required gfield_required_asterisk">*</span></span></label><div class='ginput_container ginput_container_text'><input name='input_8' id='input_7_8' type='text' value='' class='large' aria-required="true" aria-invalid="false" /> </div></li><li id="field_7_1" class="gfield gfield_contains_required field_sublabel_below field_description_below gfield_visibility_visible" data-js-reload="field_7_1"><label class='gfield_label' for='input_7_1' >Email<span class="gfield_required"><span class="gfield_required gfield_required_asterisk">*</span></span></label><div class='ginput_container ginput_container_email'> <input name='input_1' id='input_7_1' type='email' value='' class='medium' aria-required="true" aria-invalid="false" /> </div></li><li id="field_7_10" class="gfield gfield--width-full gfield_contains_required field_sublabel_below field_description_below gfield_visibility_visible" data-js-reload="field_7_10"><label class='gfield_label' for='input_7_10' >Phone number<span class="gfield_required"><span class="gfield_required gfield_required_asterisk">*</span></span></label><div class='ginput_container ginput_container_phone'><input name='input_10' id='input_7_10' type='tel' value='' class='large' aria-required="true" aria-invalid="false" /></div></li><li id="field_7_11" class="gfield gfield--width-full gfield_contains_required field_sublabel_below field_description_below gfield_visibility_visible" data-js-reload="field_7_11"><label class='gfield_label' for='input_7_11' >Which industry do you work in?<span class="gfield_required"><span class="gfield_required gfield_required_asterisk">*</span></span></label><div class='ginput_container ginput_container_text'><input name='input_11' id='input_7_11' type='text' value='' class='large' aria-required="true" aria-invalid="false" /> </div></li><li id="field_7_12" class="gfield gfield--width-full gfield_contains_required field_sublabel_below field_description_below gfield_visibility_visible" data-js-reload="field_7_12"><label class='gfield_label' for='input_7_12' >Upload my resume<span class="gfield_required"><span class="gfield_required gfield_required_asterisk">*</span></span></label><div class='ginput_container ginput_container_fileupload'><input type='hidden' name='MAX_FILE_SIZE' value='838860800' /><input name='input_12' id='input_7_12' type='file' class='large' aria-describedby="gfield_upload_rules_7_12" onchange='javascript:gformValidateFileSize( this, 838860800 );' /><span class='gform_fileupload_rules' id='gfield_upload_rules_7_12'>Max. file size: 800 MB.</span><div class='validation_message validation_message--hidden-on-empty' id='live_validation_message_7_12'></div></div></li><li id="field_7_13" class="gfield gform_validation_container field_sublabel_below field_description_below gfield_visibility_visible" data-js-reload="field_7_13"><label class='gfield_label' for='input_7_13' >Phone</label><div class='ginput_container'><input name='input_13' id='input_7_13' type='text' value='' autocomplete='new-password'/></div><div class='gfield_description' id='gfield_description_7_13'>This field is for validation purposes and should be left unchanged.</div></li></ul></div> <div class='gform_footer top_label'> <input type="submit" id="gform_submit_button_7" class="gform_button button om-trigger-conversion" value="Submit" onclick='if(window["gf_submitting_7"]){return false;} if( !jQuery("#gform_7")[0].checkValidity || jQuery("#gform_7")[0].checkValidity()){window["gf_submitting_7"]=true;} ' onkeypress='if( event.keyCode == 13 ){ if(window["gf_submitting_7"]){return false;} if( !jQuery("#gform_7")[0].checkValidity || jQuery("#gform_7")[0].checkValidity()){window["gf_submitting_7"]=true;} jQuery("#gform_7").trigger("submit",[true]); }'> <input type='hidden' class='gform_hidden' name='is_submit_7' value='1' /> <input type='hidden' class='gform_hidden' name='gform_submit' value='7' /> <input type='hidden' class='gform_hidden' name='gform_unique_id' value='' /> <input type='hidden' class='gform_hidden' name='state_7' value='WyJbXSIsIjYzZTkzNzhkY2Y1YmUzYzkyOTg0MmI4YmYyZWI5OGVkIl0=' /> <input type='hidden' class='gform_hidden' name='gform_target_page_number_7' id='gform_target_page_number_7' value='0' /> <input type='hidden' class='gform_hidden' name='gform_source_page_number_7' id='gform_source_page_number_7' value='1' /> <input type='hidden' name='gform_field_values' value='' /> </div> </form> </div>
["gf_submitting_3"]
["gf_submitting_3"]
[true]
[true]
[3, 1]
[3, 1]
[2, 1]
[2, 1]
["gf_submitting_3"]
["gf_submitting_3"]
[true]
[true]
[3, 1]
[3, 1]
["gf_submitting_3"]
["gf_submitting_3"]
[true]
[true]
[3, 1]
[3, 1]
["gf_submitting_3"]
["gf_submitting_3"]
[true]
[true]
[3, 1]
[3, 1]
["gf_submitting_3"]
["gf_submitting_3"]
[true]
[true]
[3, 1]
[3, 1]