FeedbackIf you find a bug, or have feedback, put it here. Please no job applications in here, click Apply on the job instead.Thanks for the message! We will get back to you soon.

[Spam check] What is the name of Elon Musk's company going to Mars?

Send feedback
Open Startup
Health InsurancePost a job

find a remote job
work from anywhere

👉 Hiring for a Remote position?

Post a job
on the 🏆 #1 Remote Jobs board

Remote Health by SafetyWing

Global health insurance for freelancers & remote workers










This job post is closed and the position is probably filled. Please do not apply.
\nLOCATION:       Santa Monica, CA\nTITLE:                DevOps Security Engineer\nREPORTS TO:   VP, DevSecOps\n\nAs an integral part of the operations team, the DevOps Security Engineer is passionate about security and wants to have a meaningful impact within the Healthcare space.  This individual will be part of a team charged with making sure TigerConnect is secure and stays at the top level of security and reliability in the industry. Join us and help manage/secure our AWS hosted infrastructure. Responsibilities will include hands-on security management, monitoring, discovery, and remediation of all security related issues while working cross functionally with other departments on company-wide initiatives and compliance.  \n\nThe DevOps Security Engineer will have at least 5+ years of commercial experience as a Security Engineer (including at least 3 years of current commercial experience as a DevOps Engineer) with specific focus on public cloud infrastructure, multi-tenant enterprise software security, compliance programs (HIPAA/HiTrust/FedRamp), and supporting production 24x7 highly available infrastructure with a DevOps mindset.   \n\nThe ideal candidate's background will include a strong emphasis on information security, infrastructure as code/automation, public cloud infrastructure, compliance, secure software development, and other security best practices.   \n\nWhat You'll Own:\n\n\n* Contribute to the design and integration of cyber security toolsets to enable more automated discovery, remediation, and alerting of system vulnerabilities.\n\n* Architect and integrate security tools into the CI/CD pipeline.\n\n* Architect, manage, and remediate findings from security tools, pen test reports, and compliance requirements.\n\n* Manage and maintain compliance and certifications (existing and new).\n\n* Help select and manage relationships with security vendors and partners.\n\n* Analyze and respond to production security notifications in a timely manner.\n\n* Foster DevSecOps culture and advocate for a security-first mindset amongst Security, QA, Development, and DevOps teams.\n\n* Deploying web and service-based applications in multiple instances of our PaaS.\n\n* Continually research, evaluate, and apply emerging technologies to improve security and the products.\n\n* Provide technical oversight to the development process including reviewing the technical design and the deployment architecture.\n\n* Work cross functionally with all departments to assist with security related issues as it relates to engineering, client care, and sales teams.\n\n* Willingness to take ownership, troubleshoot hands-on, and be on-call for security issues in a 24/7 environment.\n\n\n\n\nWhat You've Accomplished:\n\n\n* Experience in monitoring and responding to security events\n\n* Proven track record of creating secure cloud architectures for mission critical Internet-facing applications.\n\n* Expertise implementing and maintaining compliance (HIPAA, HI-TRUST, FEDRAMP)\n\n* Experience with build-time dependency management, unit testing and code-coverage tools, test automation techniques and tools.\n\n* Experience and understanding of microservices architecture, design patterns, and secure software development methodologies.\n\n* Experience building and managing infrastructure-as-code including automation/scripting tools and languages.  \n\n* Experience in DevOps culture and the ability to teach and profess is highly desired.\n\n* Ability to communicate security and risk-related concepts to technical and nontechnical audiences at both the executive and working level.\n\n\n\n\nWhat You Bring to the Table:\n\n\n* Background in monitoring and securing cloud environments\n\n* Linux and configuration management tools (Chef and Terraform)\n\n* Strong public cloud experience (AWS)\n\n* Security certifications are a plus (CCSP, CISSP, AWS Security)\n\n* Security policy development, implementation and enforcement.\n\n* Integrating security into a CI/CD pipeline\n\n* SSL certificate and key management policies\n\n* Scripting in either Python, Ruby, or Bash.\n\n\n

See more jobs at TigerConnect

# How do you apply?\n\n This job post is older than 30 days and the position is probably filled. Try applying to jobs posted recently instead.