What are the responsibilities and job description for the IT DEVSECOPS ENGINEER position at Seminole Gaming?
SHRSS is seeking a highly motivated and skilled DevSecOps Engineer. This role will be responsible for managing our application security scanning toolset, build and maintain integrations with our CI/CD pipelines and provide security guidance to our engineering community . You will often take part in design and code reviews and offer direction to ensure that our organization is proactively managing risk. This individual will actively collaborate with Vulnerability Management , DevOps, and remediation stakeholders to provide SME guidance and support. Our team is growing and we’re looking for somebody with the mindset to help our programs continue to evolve.
Responsibilities
Responsibilities
- Evaluate and analyze threat, vulnerability, impact, and risk of security issues
- Support SAST, SCA and DAST scanning technologies
- Liaise with DevOps to build integrations between our scanners and the CI/CD pipelines
- Drive our shift-left strategy
- Provide SME support and remediation guidance to the vulnerability team and remediation stakeholders
- Develop and design DevSecOps metrics, policies, processes, and procedures
- Consult on DevSecOps requirements from diverse application/line of business partners
- 3-5 years of experience in an application security
- Experience performing secure code reviews and web and mobile application penetration tests
- Experience with secure development, coding, and engineering practices
- Experience with OWASP Top 10 and emerging attack vectors
- Experience with SAST, DAST and SCA tools
- Experience with infrastructure as code and infrastructure testing strategies
- Working knowledge of Windows, Unix/Linux, Mac OS X, Android, iOS, etc
- Software development experience in one or more programming languages (e.g., Java, C#, C , Python, PowerShell, JavaScript , Groovy, Helm).
- Knowledge of scripting to support the automation and continuous improvement of processes
- Thorough knowledge of networking technologies, OSI network layers, and TCP/IP
- Knowledge of DevSecOps pipeline, Agile methodology, container security, APIs, and microservices
- Excellent communication and collaboration skills
- Bachelor’s degree or higher in information security, equivalent demonstrated work experience and industry standard certifications
- Prior experience working on a DevSecOps role
- Information security certifications ( g. OSCP, OSWA, GPEN, GWAPT, eCPPT, eWPT, CEH, CISSP, CSSLP)
- Cloud security experience in one or more of the following ( Azure, AWS or GCP)
- Experience with CSPM tools ( g. Wiz, Orca, Prisma Cloud)
- Experience in the Casino Gaming industry
IT Business Analyst
Environmental Engineer 9-P11 (Sediment & Aquatic... -
Lansing, MI
DevSecOps Engineer
ICONMA -
Reston, VA
DevSecOps Engineer
Credence Management Solutions, LLC -
Mc Lean, VA
