Security DevOps Engineer

Reference Number: EB/SS/CG
Location: Framingham, MA

Security DevOps Engineer
We’ve spent more than 50 years finding new ways to bring quality audio products to people—in their homes, in automobiles, in airplanes, and just about anywhere else that there is a possibility to enjoy music.
We are transforming the way audio devices interact with the Cloud, creating new experiences for connecting people to what they love the most. We are imagining new cloud native experiences, designing new services, building software architecture and infrastructure, and scaling our solutions to serve millions of users. Join us to invent and build our cloud platform for the 21st century and power the next wave of innovation.

We are looking to leverage advances in technology to bring new experiences and greater value to our customers. As a Security Devops Engineer, you will evaluate our product and cloud architectures, consider our corporate compliance and security policies, and guide our software developers to implement industry-standard practices to secure our connected products and cloud computing environments.

Principal Duties and Responsibilities:

  • Understand and interpret corporate policies, standards, best practices, and results from security reviews and audits
  • Develop & build security tools & processes for scanning, testing, monitoring and reporting
  • Lead, coach and mentor development teams to incorporate security while developing highly scalable, distributed applications involving connected devices (IoT), mobile applications and cloud services
  • Conduct vulnerability and risk assessments to provide actionable remediation plans
  • Develop technical security specifications for the targeted cloud applications/workloads
  • Coordinate security concerns with software teams across the company through a software guild

 

Qualifications:

  • Ability to position and convey security as a business enabler
  • Strong expertise in security capabilities and best practices
  • Familiarity with industry security standards and guidelines (SysTrust, SSAE 16, OWASP, etc.)
  • A background in network security architecture for web services, IaaS, and PaaS
  • Experience in understanding and incorporating security practices into DevOps processes
  • Working experience in authentication technologies, including OAuth and SAML
  • Understanding of cloud computing technologies and emerging computing trends
  • High-level communication skills are essential to successfully translate business requests into technology and security requirements
  • Proven track record of driving decisions collaboratively, resolving conflicts and ensuring follow through
  • Demonstrated strong desire to stay current on emerging technology and building upon open source projects
  • Presentation skills, with a high degree of comfort with both large and executive audiences
  • Enthusiasm, proactive attitude and ability to create indirect influence

Experience:

  • At least 6 years in designing and building complex systems such as networked equipment or cloud services
  • At least 2 years in a security-focused DevOps role in an agile development environment
  • Working with multiple, large software development teams
  • Desirable: AWS Certifications, CCSP certification or equivalent; CSA CCSK training

Prior Roles:

  • Security Architect
  • Security Consultant
  • Security Engineer
  • DevOps Engineer