You are viewing a preview of this job. Log in or register to view more details about this job.

Senior DevSecOps Engineer, 3rd Eye

Operating Company: Environmental Solutions Group - 3rd Eye A Dover Company
Location:  3rd Eye Austin Headquarters, 13915 North Mopac #406, Austin, TX 78728
Reports to:  Manager of DevSecOps
Department:  Software Engineering  
COMPANY SUMMARY:
3rd Eye is disrupting the traditional Fleet Safety Video Monitoring and Telematics industries with leading high-quality media and reliable digital delivery. Our services are engineered for high availability, maximum reach, and cost savings for our customers. Fleet managers can watch live streams or review safety events instantly, from any device, to monitor their vehicle fleet. Our technology is the cornerstone of our industry and our customers use it to improve their fleet safety, operational, and maintenance performance.
POSITION SUMMARY:
As a DevSecOps Engineer at 3rd Eye, you will help to further secure our customer data, application, and infrastructure from global and growing cybersecurity threats. You will leverage your experience within the security space to work closely among security, product, and engineering teams to assess and remediate risk, as well as design and support new security-related processes within our Software Development Life Cycle. You will maintain an understanding of and defend against the latest threats. As a DevSecOps Engineer at 3rd Eye, you will play an important role in our end-to-end product delivery to our customers with security at top of mind.
ESSENTIAL JOB FUNCTIONS INCLUDE:
  • Work directly with our security, IT, product, and engineering teams to implement security best practices across our infrastructure and applications.
  • Secure our infrastructure and applications in Amazon Web Services (AWS), leveraging automation and best practices.
  • Develop and implement security as code and compliance as code pipelines using automation tools.
  • Secure our Software Development Life Cycle by participating in and improving security-related phases of the cycle.
  • Maintain an understanding of the latest cybersecurity threats and implement best practices for protection.
  • Support and contribute to internal security policies and processes to ensure company and customer data are secure.
  • Act as a first responder for security-related incidents.
  • Participate in on-call rotations with the team.
JOB SPECIFICATIONS:
  • Bachelor’s Degree or higher in Computer Science, Engineering, or other Technical discipline or equivalent relevant experience.
  • Minimum 4 years of experience with DevSecOps Security best practices, implementing enterprise-grade security solutions.
  • Minimum 4 years of experience with AWS native security stack development and management (AWS Associate certification or higher preferred).
  • Minimum 3 years of experience writing code or scripts in a modern programming or scripting language (Java, Python, Ruby, etc.).
  • One or more recognized security and cloud specific certifications is a plus, e.g., CCSP, SSCP, CISSP, CCSK.
DESIRED SKILLS:
  • Experience in performing security vulnerability assessments, good familiarity with regulations like PCI and SOX.
  • Significant knowledge of security best practices for client-server product architectures, focusing predominantly on cloud-based server development.
  • Significant knowledge of AWS systems, including EC2, IAM, CloudWatch, CloudTrail, Config, Lambda, Security Groups, VPCs, WAF, Guard Duty, Inspector, etc.
  • Experience with cloud-based security management/IDS/IPS/SIEM tools such as Splunk, Cloudvisory, CrowdStrike and AWS audit, logs and reports.
  • Lead efforts on performing security audits, design/architect with security focus, and always stay up to date with latest attack vectors, vulnerabilities, remediation and protection paradigms, etc.
  • Demonstrate expertise in mitigating real-world attacks, such as DDoS, XSS, CSRF, and dictionary attacks.
  • Proven experience and deep understanding of web application architecture, including TCP/IP, HTTP, TLS, HTTP/2, and common authentication schemes.
  • Strong understanding of (NIST 800-53 or ISO 27002 or FedRAMP).
  • Knowledge of one or more SSO methodologies (AWS SSO, SAML, LDAP, MS AD).
  • Familiarity with best practices for well-architected, secure cloud applications.
DOVER COMPETENCIES:
Builds and Manages Collaborative Relationships
Results Driven
Strategic Mindset
Strong Business Acumen and Sound Judgment
Winning the Right Way
KNOWLEDGE, SKILLS, AND ABILITIES:
Ethics and Work Standards: Maintain the highest ethical and work standards, while promoting the same attributes in co-workers and others. Ensure that all business activities – with both internal and external customers – to be performed with a professional demeanor and that all participants be held accountable to this high standard.
Communication: Expresses thoughts clearly, both orally and in writing, using good grammar. Presents concise, well organized reports in Microsoft Word, PowerPoint and Excel. Listens to understand input, feedback and concerns. Provides complete information in an open, honest and straightforward manner. Responds promptly and positively to questions and requests.
Teamwork and Relationships: Works with other employees willingly and in a spirit of cooperation and teamwork. Supports cooperation. Demonstrates a commitment to the entire business and is supportive of all initiatives (company and departmental) to help grow Environmental Solutions Group business in the United States and abroad. Cooperates fully with others to achieve organizational goals. Is tactful, courteous, and considerate. Embraces a positive outlook. Is respected and trusted by others.
Continual Improvement and Problem Resolution: Identifies and communicates suggestions for work improvements. Uses technical and analytical abilities to assure existing work practices are the most efficient and cost effective possible. Performs root-cause analysis and implements viable, permanent solutions to problems. Works with both internal and external customers to develop solutions which meet company-wide needs and objectives. Applies a sense of urgency to resolve problems or creates opportunities that will increase productivity and create value. Shares best practices with other employees across the business.
Accountability:  Accepts responsibility and accessibility for both the strategic planning and the successful implementation of all projects, programs, and duties as outlined in this job description. Advises supervisor of concerns, problems and progress of work in a timely manner.
All qualified applicants will receive consideration for employment without discrimination on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, genetic information, or any other factors prohibited by law.