DEVSECOPS ENGINEER, SENIOR
Company: Blue Shield of CA
Location: El Dorado Hills
Posted on: November 13, 2024
Job Description:
Your Role As a DevSecOps Engineer in IT Quality Engineering
Organization, you will play a crucial role in ensuring the security
and quality of software products. Your primary responsibility will
be to establish the best practices and standards for DevSecOps
methodologies, ensuring a secure and seamless transition to the
cloud environment. You will lead the implementation of DevSecOps
best practices, specifically tailored for Azure, and collaborate
with cross-functional teams to ensure security is integrated
throughout the software development lifecycle. You will also
organize training and provide mentoring to help others get up to
speed on DevSecOps best practices. A strong focus on cloud
solutions and design will be essential to support the seamless
integration of applications on Azure. Your Work In this role, you
will:
- Evaluate and analyze the existing IT infrastructure,
identifying areas for improvement and security enhancement.
- Design and implement secure, scalable, and automated
cloud-based solutions on Microsoft Azure to support application
deployment and management.
- Advocate for DevSecOps principles and practices within the
organization.
- Lead the implementation of DevSecOps practices, including
continuous integration, continuous delivery, continuous testing
(CI-CD-CT), and automated testing, tailored for the Azure cloud
environment.
- Collaborate with software development teams to integrate
security controls and best practices into the application
development process and to create robust testing strategies that
covers functional, security, and performance aspects.
- Develop and execute test plans, test cases, and test scripts to
validate software functionality and security.
- Encourage collaboration between development, operations, and
security teams.
- Maintain comprehensive documentation related to testing
processes, security findings, and remediation efforts.
- Generate reports on testing results, security assessments, and
risk assessments.
- Create automated test suites and pipelines.
- Implement monitoring, logging, and alerting systems to ensure
the security and availability of cloud-based infrastructure.
- Integrate SonarQube with CI/CD pipelines and Azure Devops.
- Manage the configuration and infrastructure as code (IaC) using
tools such as Terraform, Ansible, or similar, with a strong
emphasis on security.
- Conduct security assessments, vulnerability testing, and ensure
compliance with industry standards and regulatory
requirements.
- Work closely with stakeholders to define and enforce security
policies and access controls in the Azure environment.
- Develop and maintain documentation for security processes,
procedures, and configuration management.
- Continuously improving testing methodologies and security
processes.
Your knowledge and Experience
- Requires Bachelor's degree in Computer Science, Information
Technology, or related field, or equivalent experience. Master's
degree in Computer Science, Information Technology preferred.
- Requires a minimum of 5 years of prior relevant experience in
IT development and quality engineering.
- Prefers 1 year of experience in DevSecOps field.
- Prefers 1 year of hands-on experience with cloud platforms and
Infrastructure as code.
- Proven hands-on experience in cloud solutions and design for
secure and compliant integration of applications on Microsoft
Azure.
- Prefers healthcare background, specifically with pharmacy
- Solid understanding of DevSecOps principles.
- Knowledge of healthcare industry standards including HIPAA and
CMS regulations.
- Experience with CI/CD pipelines, and automation tools like
Jenkins, Ansible, Jira, GitLab CI, JFrog Artifactory, BitBucket, or
Azure DevOps, with a focus on security integration and automated
testing at all stages.
- Strong knowledge of scripting languages (e.g., PowerShell,
Bash, Python) for automation tasks, with an emphasis on
security-related automation.
- Experience in implementing and managing containerized
applications using Docker and orchestration platforms like
Kubernetes, with security considerations in mind.
- Familiarity with infrastructure as code (IaC) concepts and
tools such as Terraform or Ansible, with a focus on security best
practices.
- Expertise in cloud security best practices and their
implementation within Azure environment.
- Excellent problem-solving skills and ability to troubleshoot
security-related issues.
- Preferred experience in leading digital transformation projects
and cloud migration efforts with a strong focus on security.
- Understanding of and experience with AIOps concepts and tools
like Prometheus, Grafana, or ELK stack, and platforms like OpsRamp
or DynaTrace, would be strongly preferred.
- Experience with performance optimization as applied to cloud
infrastructure and cloud application architectures.
Pay Range The pay range for this role is: $ 99000.00 to $ 148500.00
for California. Note Please note that this range represents the pay
range for this and many other positions at Blue Shield that fall
into this pay grade. Blue Shield salaries are based on a variety of
factors, including the candidate's experience, location
(California, Bay area, or outside California), and current employee
salaries for similar roles. #LI-EB1
Keywords: Blue Shield of CA, Napa , DEVSECOPS ENGINEER, SENIOR, Engineering , El Dorado Hills, California
Didn't find what you're looking for? Search again!
Loading more jobs...