- Company Name
- Ares Management
- Job Title
- Cybersecurity Engineer – SecDevOps
- Job Description
-
Job Title: Cybersecurity Engineer – SecDevOps
Role Summary:
Embed security into the software delivery lifecycle by designing, implementing, and maintaining automated CI/CD pipelines, infrastructure-as-code, and container orchestration frameworks. Drive secure-by-design engineering across development, operations, and security teams with an automation-first mindset.
Expectations:
* Deliver integrated security controls and monitoring within CI/CD with measurable reduction in manual intervention.
* Maintain consistent, version‑controlled infrastructure and configuration across all environments.
* Support rapid release cycles while meeting security compliance and risk thresholds.
* Facilitate collaboration between Dev, Ops, and Security to align security policies with engineering velocity.
Key Responsibilities:
* Design, operate, and continuously improve CI/CD pipelines using modern tooling (GitHub Actions, GitLab CI, Jenkins, Azure Pipelines).
* Implement IaC with Terraform, CloudFormation, or equivalent to provision cloud resources reliably.
* Automate system configuration and drift prevention using Ansible, Chef, or Puppet.
* Develop and maintain containerized application patterns with Docker, orchestrating deployments on Kubernetes or comparable platforms.
* Build automation scripts (Python, Bash, PowerShell) for build, test, deploy, monitoring, and security tasks.
* Implement monitoring, logging, and alerting systems (Splunk, Prometheus, ELK) for proactive incident detection.
* Enforce Git best practices, including branching strategies, pull request reviews, and CI validation.
* Integrate vulnerability scanning, compliance checks, and policy enforcement into pipelines (e.g., Snyk, Semgrep, Open Policy Agent).
* Collaborate across teams to promote SecDevOps culture, communicate risks, and educate stakeholders.
* Optimize cloud platform usage on Azure and other providers for performance, reliability, and cost efficiency.
Required Skills:
* Strong experience with CI/CD tooling and pipeline automation.
* Proficiency in IaC (Terraform, CloudFormation) and configuration management (Ansible, Chef, Puppet).
* Hands‑on knowledge of containerization (Docker) and orchestration (Kubernetes).
* Scripting and programming expertise (Python, Bash, PowerShell).
* Familiarity with monitoring/observability stacks (Splunk, Prometheus, ELK).
* Git and Git workflow mastery.
* Security automation knowledge: vulnerability scanning, policy enforcement, incident response automation.
* Excellent communication and problem‑solving skills.
* Ability to balance developer velocity with security and compliance requirements.
Required Education & Certifications:
* Bachelor’s degree in Computer Science, Information Technology, or related field (or equivalent work experience).
* Security certifications (e.g., CISSP, CISM, CompTIA Security+, or equivalent) are preferred but not mandatory.