Senior DevSecOps Cybersecurity Engineer
Company: Cox Communications
Location: Sun City West
Posted on: March 10, 2023
Job Description:
Senior DevSecOps Security Engineer
Cox Communications is looking for a Senior DevSecOps Security
Engineer who will report to the Manager, DevSecOps.
Are you experimentation-driven, bold, result-oriented,
customer-focused,? Do you want to help drive the adoption of
security controls in the delivery pipeline? Are you excited to
implement automated security solutions that will enable development
teams to deploy secure software?
As a member of the DevSecOps Team, you will have the opportunity to
pioneer security architectures supporting the ability to deliver
secure software. You will collaborate with security, development,
operations, and infrastructure teams to build and implement
automated security solutions that enable the "shift left"
culture.
What You'll Do
- Build and manage services, tools, and integrations that will
automate security controls within CI/CD pipelines.
- Identify security gaps in DevSecOps architectures and
toolchains and recommend enhancements.
- Provide technical leadership to security, infrastructure,
engineering, development, and business teams.
- Assist with development of the DevSecOps strategy and roadmap
across people, process, and technology.
- Build relationships with development and operations teams and
provide guidance on vulnerability remediation.
- Perform upgrades and drive deployment of security
solutions.
- Create key performance indicators that track the progress and
effectiveness of the DevSecOps program.
- Design security compliance metrics that align with DevSecOps
requirements and assist with driving enforcement.
- Assist with triaging potential security incidents.
- Assist with cybersecurity escalations and change
management.
- Create runbooks and document policies and procedures.
- Work with vendors and maintain relationships.
- Remain current with new cybersecurity trends, threats, and
disruptive solutions and make recommendations to leadership.
What's In It For You?
Really good question, and we have some good answers that we hope
you like.
- We want you to feel cared for and respected (like you do with
our customers), and that starts with Cox's highly competitive pay
plus other compensation perks (401k + company matching,
comprehensive medical benefits, etc.). We also offer discounted Cox
services (in specific Cox markets), tuition reimbursement for
academic pursuits, adoption assistance, paid time off to volunteer,
childcare and eldercare resources, pet insurance and much
more.
- Good work should be rewarded, and not just with a healthy
paycheck. The Cox culture is one that values people more than
technology, so it's our goal to make sure you feel recognized for
your contributions. It's also important to work alongside
colleagues who "get you." At Cox, you'll find a workplace where
relationships are crafted with care and successes are celebrated
with high fives. We strive to create an environment where you can
do you, and everyone from leadership to new hires can support and
feel supported.
- Growth is a good thing, and you'll have opportunities to learn
and train so you can sharpen your skills and explore opportunities
across the Cox family of businesses that will continue to challenge
and empower you. In the future, you may have the opportunity to
cultivate customer relationships in other sectors where we operate
like cleantech, health care and new forms of transportation
mobility.
Who You Are
Here is a list of the necessities for the job, as well as some
"preferred" qualities that we hope you have as well:
Minimum:
- BA/BS in Computer Science, IT or a related field and 6 or more
years of experience in related field, OR MS degree in a related
field and 4 years related experience, OR PhD and 1 year experience
in related field.
- Previous experience as a DevOps/DevSecOps Engineer supporting
applications and platforms running in private or public cloud (such
as Rancher, Anthos, AWS, GCP, VMWare).
- Deep experience within DevOps, CI/CD processes, SDLC, and
related tools such as Jira, Jenkins, Artifactory, Bitbucket,
GitLab, etc.
- Experience with containers, enterprise container orchestration,
and related tools such as Docker, Rancher, Kubernetes, and public
cloud container services.
- Understanding of security automation within DevOps and CI/CD
processes including vulnerability identification and
management.
- Experience building and deploying infrastructure-as-code (IaC)
and related tools such as Ansible, Terraform, Open Policy
Agent.
- Experience with creating regular expressions (REGEX), writing
scripts in python or bash, and interacting with APIs.
- Understanding of OWASP Top10, CVSS, the MITRE ATT&CK
framework and the software development lifecycle (SLDC).
- Good verbal and written communication skills needed to
communicate complex problems, including root cause, to both
technical and non-technical audiences.
- Strong collaboration skills to effectively develop consensus
and understanding among cross-functional teams on key security
risks and vulnerabilities.
- Ability to work under pressure, reprioritize, and adjust to
changes in direction and deadlines.
- Ability to balance multiple high priority projects and complete
on time with minimal supervision.
Preferred:
- Experience integrating security solutions into CI/CD workflows
and toolsets.
- Experience with cloud workload protection platforms (CWPP) such
as Palo Alto Prisma Compute, Aqua, etc.
- Experience with SAST, DAST, secret scanning, and/or secrets
management solutions such as Veracode, Snyk, Gitleaks, Hashicorp
Vault.
- Experience securing the software supply chain including
implementation of appropriate controls across the SDLC and managing
change along the way.
- Big Four consulting background or Fortune 500 company
experience.
- Telecom/Cable industry experience.
- At least one relevant security-focused certification - CISSP,
CCSP, CKS, GCSA.
Join the Cox family of businesses and make your mark today!
USD 105 100.00 per year
About Cox Communications
Cox Communications is the largest private telecom company in
America, serving six million homes and businesses. That's a lot,
but we also proudly serve our employees. Our benefits and our
award-winning culture are just two of the things that make Cox a
coveted place to work. If you're interested in bringing people
closer through broadband, smart home tech and more, join Cox
Communications today!
About Cox
Cox empowers employees to build a better future and has been doing
so for over 120 years. With exciting investments and innovations
across transportation, communications, cleantech and healthcare,
our family of businesses - which includes Cox Automotive and Cox
Communications - is forging a better future for us all. Ready to
make your mark? Join us today!
Benefits of working at Cox may include health care insurance
(medical, dental, vision), retirement planning (401(k , and paid
days off (sick leave, parental leave, flexible vacation/wellness
days, and/or PTO). For more details on what benefits you may be
offered, visit our benefits page .
Cox is an Equal Employment Opportunity employer - All qualified
applicants/employees will receive consideration for employment
without regard to that individual's age, race, color, religion or
creed, national origin or ancestry, sex (including pregnancy),
sexual orientation, gender, gender identity, physical or mental
disability, veteran status, genetic information, ethnicity,
citizenship, or any other characteristic protected by law.
Statement to ALL Third-Party Agencies and Similar Organizations:
Cox accepts resumes only from agencies with which we formally
engage their services. Please do not forward resumes to our
applicant tracking system, Cox employees, Cox hiring manager, or
send to any Cox facility. Cox is not responsible for any fees or
charges associated with unsolicited resumes.
Keywords: Cox Communications, Sun City West , Senior DevSecOps Cybersecurity Engineer, Engineering , Sun City West, Arizona
Didn't find what you're looking for? Search again!
Loading more jobs...
