Sr. Devsecops Engineer II (5977)

As a Sr. DevSecOps Engineer II, you'll play a critical role in designing, implementing, and maintaining secure and efficient software development and deployment pipelines. You will collaborate with cross-functional teams to integrate security practices seamlessly into the development and operations lifecycle, ensuring the delivery of high-quality, secure, and reliable software solutions.

We know that you can't have great technology services without amazing people. At MetroStar, we are obsessed with our people and have led a two-decade legacy of building the best and brightest teams. Because we know our future relies on our deep understanding and relentless focus on our people, we live by our mission: A passion for our people. Value for our customers.

If you think you can see yourself delivering our mission and pursuing our goals with us, then check out the job description below!

What you'll do:

• Collaborate with development, operations, and security teams to integrate security practices into the software development lifecycle.
• Design, implement, and maintain CI/CD pipelines that incorporate automated security testing, vulnerability scanning, and compliance checks.
• Develop and maintain infrastructure as code (IaC) templates and configurations, ensuring security best practices are applied to cloud resources and infrastructure components.
• Perform regular security assessments, code reviews, and penetration testing to identify and address vulnerabilities and weaknesses in applications, code, and infrastructure.
• Monitor and analyze system and application logs to detect and respond to security incidents.
• Implement and manage identity and access management (IAM) solutions, ensuring appropriate authentication and authorization mechanisms are in place.
• Collaborate with software engineers to provide guidance on secure coding practices and assist in remediation of security findings.
• Participate in incident response activities, helping to investigate and mitigate security incidents in a timely manner.
• Contribute to the development and maintenance of security policies, procedures, and documentation.

What you'll need to succeed:

• 7+ years of experience as a DevSecOps Engineer or similar role, with a focus on integrating security into the software development lifecycle.
• Experience with DevOps practices, CI/CD pipelines, and automation tools (e.g., Jenkins, GitLab CI/CD, Artifactory, SonarQube, Selenium, Fortify, Acunetix, and Prisma Cloud).
• Experience with infrastructure as code (IaC) tools such as Terraform, CloudFormation, or Ansible.
• Experience with cloud platforms (e.g., AWS, Azure, GCP) and securing cloud-based applications and services.
• Experience with scripting languages (e.g., Python, Bash) for automation and tool integration.
• Active TS/SCI Clearance with CI poly.

SALARY RANGE: $117,000 - $205,000

The salary range for this position is determined based on qualifications, skills, and relevant experience. The final salary offered will be determined based on several factors including:

• The candidate's professional background and relevant work experience
• The specific responsibilities of the role and organizational needs
• Internal equity and alignment with current team compensation
• This role is also eligible for additional compensation, subject to the terms and policies of MetroStar, which may include:
• Performance-based bonuses
• Company-paid training and/or certifications
• Referral bonuses