Job
Description
We re building a team that indexes on moving fast, solving challenging engineering problems and providing value to our customers. To be successful, youll be partnering with infrastructure, security, machine learning, search, and data teams to identify their DevOps and security needs and implement solutions. This is an opportunity to play an integral role at the fastest-growing AI company in its space. Secure Infrastructure: Design, implement, and maintain secure infrastructure and environments (such as FedRAMP compliant environment) consisting of applications, containers, virtual machines and cloud infrastructure. Vulnerability Management: Collaborate with teams to remediate and mitigate identified vulnerabilities. Also, work with the security team to assess vulnerabilities as well as identify potential security risks and weaknesses in the system. Security Automation: Develop and maintain security automation tools and scripts to streamline security processes and patch management as well as ensure consistent application of security controls across deployment pipelines and infrastructure. Incident Response: Respond to security incidents promptly, perform root cause analysis, and implement measures to prevent future occurrences. Security Audits and Compliance: Assist in security audits and compliance assessments to ensure adherence to industry standards and regulations. Collaborate with internal and external auditors to address any security-related findings. Collaboration and Documentation: Work closely with developers and security teams to identify security requirements and implement appropriate solutions. Maintain clear and comprehensive documentation of security practices, standards, and procedures. What You Bring To The Table? Bachelors degree in computer science, information security, or a related field. 2 - 4 years of experience as DevSecOps / DevOps engineer with exp in security Good knowledge of software development processes and CI/CD pipelines. Proficiency in programming and scripting languages such as Python and Bash. Understanding of security principles, secure coding practices, and common vulnerabilities (e.g., OWASP Top 10). Familiarity with security tools and technologies such as static code analysis, vulnerability scanners, intrusion detection/prevention systems, and SIEM solutions. Experience with vulnerability management and automating processes for resolving vulnerabilities. Experience with cloud platforms (e.g., AWS, Azure, Google Cloud) and containerization technologies (e.g., Docker, Kubernetes). Experience with infrastructure-as-code tools (e.g., Terraform, CloudFormation). Knowledge of security frameworks and standards (e.g., ISO 27001, NIST, PCI DSS). An appetite for working at a startup pace on challenging problems with a high degree of ownership.
