This is a highly visible and critical role within the Alpine Cyber Solutions Cloud and IT Services organization, focusing primarily on the design, implementation, and operations of DevSecOps technologies.
The candidate will be responsible for collaborating with the other DevSecOps engineers and architects on staff to serve customer needs in the design, implementation, and operations of DevSecOps pipelines and component technologies; contributing to the evolving capabilities of the Alpine Cyber DevSecOps as a Service product; and interacting directly with customer leadership to advise on the best ways to integrate DevSecOps capabilities into their existing or new CI/CD pipelines.
The candidate may also be responsible for participating in security advisory engagements to help customers create and maintain their Security Program.
Required Skills:
Knowledge of DevOps and DevSecOps concepts
Experience designing and implementing CI/CD pipelines
Knowledge of the breadth and depth of a standard SDLC
Ability to present directly to downstream customers with authority
Experience with public cloud infrastructure (preferably AWS and Azure)
Knowledge of security best practices, standards, and frameworks (preferably NIST CSF, OWASP DSOMM/DSOVS, CIS Benchmarks, or others similar)
Desired Skills:
Hands-on experience in the DevOps space, either as an app developer, DevOps engineer, or site reliability engineer (SRE)
Experience with infrastructure as code (preferably Terraform)
Experience implementing or administering DevOps pipelines in the most popular services (i.e. Azure DevOps, GitLab, GitHub, Jenkins, BitBucket, AWS CodeStar, etc.)
Experience with multiple phases of the SDLC (i.e. requirements through retirement)
Experience with threat modeling
Experience with software composition analysis
Experience with static, dynamic, and integrated application security testing