Lexipol · 2 days ago
DevOps Engineer
Maximize your interview chances
ConsultingGovernment
No H1B
Insider Connection @Lexipol
Get 3x more responses when you reach out via email instead of LinkedIn.
Responsibilities
Design and implement security testing (SAST, DAST) within CI/CD pipelines to identify vulnerabilities early in the development cycle.
Collaborate with development teams to integrate secure coding practices and automated compliance checks.
Harden pipelines to ensure secure handling and storage of secrets, using best-in-class secret management solutions.
Develop and enforce secure IaC standards with Terraform, CloudFormation, and similar tools.
Regularly scan configurations and IaC for security compliance, addressing any deviations promptly.
Ensure robust secrets management across IaC implementations and cloud environments.
Lead the deployment and configuration of a Security Information and Event Management (SIEM) solution, ensuring real-time security monitoring for all critical systems.
Develop and fine-tune alerting rules and dashboards to detect and respond to suspicious activities, leveraging automated responses where possible.
Collaborate with incident response teams to establish workflows for rapid triage and mitigation based on SIEM alerts.
Collaborate with cloud and infrastructure teams to implement and monitor cloud security controls in AWS and Azure.
Develop automated compliance auditing and reporting for SOC2, CJIS, NIST, and internal policies.
Implement security controls around serverless and containerized environments, ensuring secure and scalable deployments.
Manage and oversee the work of contract resources to ensure project timelines and goals are met.
Lead threat modeling sessions to identify and mitigate potential risks across Lexipol's products.
Perform security reviews for new and existing applications, focusing on high-risk components and dependencies.
Ensure adherence to secure coding practices and dependency management, particularly for open-source libraries.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
5+ years of experience in a DevOps or DevSecOps role, with a focus on security within CI/CD pipelines and cloud environments.
Proficiency in security practices and tools, including SAST, DAST, vulnerability scanning, and automated testing.
Extensive experience in AWS and Azure security, including IAM, network security, and secrets management.
Strong hands-on experience with IaC tools like Terraform and CloudFormation.
Knowledge of compliance frameworks (SOC2, CJIS, NIST) and experience with automated auditing tools.
Strong scripting skills (Python, Bash, etc.) to automate security processes and integrate tooling.
Strong verbal and written communication and collaboration skills, with an initiative-taking attitude towards knowledge sharing and team success.
Familiarity with Agile methodologies and practices.
Preferred
AWS Certified Security Specialty, Certified Information Systems Security Professional (CISSP), or Certified Cloud Security Professional (CCSP).
Familiarity with serverless and container security.
Experience with secure code review and open-source dependency management.
Benefits
401(k) with Company match
Flexible paid time off plan
Company
Lexipol
Lexipol empowers first responders and public servants with mission-critical solutions to best meet community needs safely and responsibly.
Funding
Current Stage
Growth StageTotal Funding
unknown2021-10-12Acquired· by GTCR
2021-03-30Private Equity· Undisclosed
Recent News
2024-04-06
Company data provided by crunchbase