Rio de Janeiro – DevSecOps Engineer ID28949 – Rio de Janeiro

Industry: IT Services

Job Description

AgileEngine is one of the Inc. 5000 fastest-growing companies in the U.S. and a top-3 ranked dev shop according to Clutch. We create award-winning custom software solutions that help companies across 15+ industries change the lives of millions.

If you like a challenging environment where you’re working with the best and are encouraged to learn and experiment every day, there’s no better place – guaranteed!

What You Will Do
Security Integration:
Embed security practices into CI/CD pipelines using tools like Bamboo, Jenkins, GitLab CI/CD, or Azure DevOps; Ensure secure coding practices by integrating SAST, DAST, and dependency scanning tools (e.g., Veracode, Checkmarx, OWASP ZAP).
Automation of Security Controls:
Automate vulnerability scans, configuration checks, and compliance validation using tools like Ansible, Terraform, or CloudFormation; Develop automated workflows for threat detection and remediation using tools like AWS Lambda or Azure Functions.
Compliance & Governance:
Align DevSecOps processes with PCI DSS, HIPAA, ISO 27001, and GDPR standards; Ensure proper documentation of security policies, audit findings, and compliance reports; Conduct regular risk assessments and gap analyses to identify areas for improvement.
Collaboration & Mentorship:
Collaborate with DevOps, security, and development teams to promote a culture of security-first practices; Provide mentorship to junior team members and act as the subject matter expert for DevSecOps.
Monitoring & Incident Management:
Implement security monitoring solutions (e.g., AWS CloudWatch, Azure Sentinel, Splunk) to detect and respond to security threats; Establish incident response workflows and playbooks to ensure quick mitigation of breaches and vulnerabilities.
Observability:
Implement methodology to better understand the internal state of software systems/interactions; Create solutions to evolve data capture/analysis through various characterization: high cardinality and high dimensionality; Develop methods to explore data in real time.
Tools & Frameworks:

Leverage tools like Docker, Kubernetes, Vault, and Nexus for secure containerization and secrets management; Apply frameworks like NIST CSF, OWASP, STIG, and CIS Benchmarks to ölçüm security controls.

Must Haves
Education & Experience: Bachelor’s degree with 6–8 years in DevSecOps, security engineering, or related roles.
Technical Skills: Proficiency in CI/CD tools, cloud security (AWS/Azure), scripting (Python, Bash), and security automation.

Certifications: Preferred certifications include CISSP, CCSP, OSCP, or DevSecOps-specific credentials (e.g., DevSecOps Practitioner).

The Benefits of Joining Us
Professional Growth: Accelerate your professional journey with mentorship, TechTalks, and personalized growth roadmaps.
Competitive Compensation:
We match your ever-growing skills, talent, and contributions with competitive USD-based compensation and budgets for education, fitness, and team activities.
A Selection of Exciting Projects:
Join projects with çağıl solutions development and top-tier clients that include Fortune 500 enterprises and leading product brands.
Flextime:
Tailor your schedule for an optimal work-life balance, by having the options of working from home and going to the office – whatever makes you the happiest and most productive.

The next steps of your journey will be shared via email within a few hours. Please check your inbox regularly and watch for updates from our Internal Applicant site, LaunchPod, which will guide you through the process.

#J-18808-Ljbffr