Lead DevSecOps Security Engineer
Lead DevSecOps Engineer
The College Board is rapidly transforming itself into an agile organization, embracing DevOps and cloud-native systems, and focused on improving speed and security of service delivery in support of an important mission. To enable this mission, the College Board is seeking a Lead DevOps Engineer to be a senior member on the team, responsible for leading, guiding and mentoring a team of engineers in the design and development of security solutions in our DevOps and cloud transformation initiatives. The Lead DevOps Engineer is a highly technical and creative contributor to a DevSecOps team enabling the agile development of secure and reliable cloud-based solutions.
Essential Functions and Responsibilities:
- Provide leadership, guidance, and direction in designing, developing, and implementing automated solutions, based on a set of standards and processes, that enable College Board developers to easily consume security and compliance services delivered by the Information Security Office.
- Responsible for support of and coordinating with other Engineers, Architects, and teams in implementing a comprehensive cloud and application security program in a DevOps environment.
- Provide support (coaching and mentoring) for teammates' work activities on a regular basis.
- Actively review their own and the team’s work product and implement improvements seen from other teams or within the industry to drive continuous improvement of the team’s efficiency, speed, and quality.
- Leverage DevOps tools to build, harden, maintain and instrument a comprehensive cloud-based security orchestration platform to be consumed in product CI/CD pipelines.
- Develop automated security and compliance capabilities in support of DevOps processes in a large-scale AWS cloud computing environment.
- Write complex code, build infrastructure as code, work with immutable “cloud” based environments, and build the supporting automated toolsets necessary to support the secure continuous delivery pipeline.
- Integrate security practices across the continuous delivery pipeline to provide a comprehensive automated cloud and application security solution, from epic definition through development, testing, and deployment of CB applications within our data center and Amazon.
- The candidate will plan for work but is primarily a hands-on engineer who leads by doing. The candidate will also take responsibility for creating design specifications and preparing technical documentation. Develop a solution to integrate security into the life cycle from business initiation through operational integrity.
- Support the development of standards by creating templates and patterns that ease use and increase the productivity of the security program.
- Foster and build a community of practice for collective learning of the security tools, practices, and systems across all disciplines.
Education/Years of Experience:
- A bachelor’s degree in Computer Science, Engineering, or MIS or equivalent experience.
- 8+ years’ experience with extensive exposure to numerous aspects of software development, operations, CI/CD, and information security.
- A minimum of 2 years’ experience in DevOps automation and tooling with strong knowledge of cloud security architecture, application security, and security engineering.
Related Skills and Other Requirements:
- Strong experience in cloud and application security domains.
- Deep understanding of Amazon Web Services (AWS) including VPC, ELB, IAM, KMS, EC2, Config, CloudTrail, CloudFormation, Lambda, and others. An AWS professional level certification is a plus; a Security Specialty certification is a big plus.
- Strong and evolving competence in one or more programming languages and technologies, and working knowledge of multiple tool sets, technologies and implementation environments
- Hands-on experience with scripting and coding using Python, Perl, Ruby, PHP, or PowerShell.
- Strong practical Linux-based systems administration skills and scripting experience in a cloud-based environment
- Proficiency with AWS CLI and SDKs.
- Working knowledge of IP networking, VPNs, DNS, load balancing and firewalling
- Experience building infrastructure as code using AWS CloudFormation, Terraform or similar automated techniques
- Experience with Chef, Puppet, Salt, or Ansible in production environments
- Experience in establishing secure software development guidelines and in performing security code and design reviews
- Experience in documenting security design and architecture artifacts and presenting artifacts for architectural review
- Effective communication skills are a must along with a strong customer service orientation, and the ability to clearly discern client needs.
- Experience with Akamai WAF and CDN products a plus.
- Ability to self-manage assigned projects, and delegate to and supervise the completion of tasks by other team members
- Ability to work independently with minimal direction
- Strong interpersonal skills, written and verbal communication
- Strong decision-making, problem-solving skills, critical thinking and testing skills
- A growth mindset and love of learning new technologies.
- Exceptional attention to detail
This position will be subject to a background check.
The College Board is dedicated to the principle of equal opportunity and its programs, services, and employment policies are guided by that principle.