DevSecOps Automation Engineer

About the Role

As a DevSecOps Automation Engineer, you will be responsible for embedding security into every stage of our software development and deployment lifecycle. You will work closely with development, operations, and security teams to create and implement automated solutions that improve our security measures without compromising the speed or efficiency of our development processes and build/release cycles.

Key Responsibilities:

• Design, develop, and implement automation scripts,  tools, and new technologies to integrate and maintain security into CI/CD/CT pipelines.
• Maintain and support automated security scanning and static/dynamic analysis to identify vulnerabilities and compliance issues early in the development lifecycle.
• Work with development teams to remediate identified security issues and ensure that security standards are maintained across all projects.
• Develop and maintain documentation for security automation processes and tools.
• Monitor and evaluate new technologies and security practices for potential adoption.
• Provide training and support to development and operations teams to raise awareness and understanding of security best practices.
• Collaborate with security architects to define and refine security requirements and standards.
• Participate in the incident response and security investigations, leveraging automation for efficient resolution.
• Create solutions for an efficient and secure organization
• Engineer and support new CI/CD/CT initiatives, coach on new solutions and transfer knowledge.
• Provide metrics reporting and analytics dashboards in Power BI or similar tool.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or related field.
• 5+ years of experience in DevOps, Security, or a related field, with a focus on automation.
• Strong understanding of security principles, techniques, and technologies (e.g., encryption, authentication, vulnerability management and testing).
• Solid grasp of all IT security concepts
• Strong understanding of the entire Software Development Lifecycle and SDLC controls
• Knowledge of the best security practices and principles
• Proficiency in scripting languages (e.g., Python, Bash,YAML and Powershell) and automation tools (e.g., Ansible, Terraform).
• Experience with Azure DevOps and containerization technologies (e.g., Docker, Kubernetes).
• Strong Knowledge of Azure and its native security tools.
• Familiarity with compliance standards and frameworks.
• Excellent problem-solving skills and the ability to work in a fast-paced, dynamic environment.
• Strong communication and collaboration skills.    
• Familiarity with core admin and support utilities for the Azure Cloud, including, but not limited to Az Cli, Azure Powershell, databricks cli, etc..
• Low-level understanding of Rest APIs and their usage for admin, support and reporting tasks.

Our Culture 

At Everest, our purpose is to provide the world with protection. We help clients and businesses thrive, fuel global economies, and create sustainable value for our colleagues, shareholders and the communities that we serve. We also pride ourselves on having a unique and inclusive culture which is driven by a unified set of values and behaviors. Click here to learn more about our culture. 

• Our Values are the guiding principles that inform our decisions, actions and behaviors. They are an expression of our culture and an integral part of how we work: Talent. Thoughtful assumption of risk. Execution. Efficiency. Humility. Leadership. Collaboration. Diversity, Equity and Inclusion.  

• Our Colleague Behaviors define how we operate and interact with each other no matter our location, level or function: Respect everyone. Pursue better. Lead by example. Own our outcomes. Win together.  

All colleagues are held accountable to upholding and supporting our values and behaviors across the company. This includes day to day interactions with fellow colleagues, and the global communities we serve.  

#LI-Hybrid

#LI-AS1