DevSecOps Engineer Remote

Dice is the leading career destination for tech experts at every stage of their careers. Our client, Apexon, is seeking the following. Apply via Dice today!DevSecOps Engineer Remote We are looking for an immediate candidate with the profile below; Remote Position - Prefer Candidates Located in the East CoastJob Category: EngineeringDescription:We are seeking a highly motivated professional with experience in Security and Privacy to join our dynamic team. As a DevSecOps Engineer, you will help with threat modeling,application security posture management, security orchestration, vulnerability & weakness assessments to improve resilience of the organization and its product portfolio.Develop security-as-code & policy-as-code pipelinesManage vulnerabilities (3rd party) and weaknesses (1st party) in client s products,evaluating the criticality for an adequate prioritization and providing the most suitableremediation, working directly with the product teams as a trusted advisorConduct vulnerability monitoring, (on-demand) vulnerability scanning and other securitytesting activitiesProvide expertise to product teams and Affiliates to answer inquiries, pre-sales requests,contract negotiations and other cybersecurity-related customer supportContribute to initiatives within the Diagnostic Division to achieve the integration ofdefense capabilities into the development of new products and in the update/upgrade,maintenance and support of existing products in collaboration with Product Support teams.Develop and automate technical workflows for investigations and assessments for cybersecurity vulnerabilities and drive onboarding of new products in Vulnerability Monitoring,and provide training to relevant stakeholders in the organization regarding VulnerabilityHandling and Incident Response.Develop, maintain and continuously optimize processes, playbooks and tools forVulnerability Monitoring, Vulnerability Management, Incident Response, ThreatIntelligence and Security Testing.Evangelize security and privacy developing Security Champions across departmentsinvolved in the product development and operationsMaintain the product security controls and awareness supporting other Chapters(Solution Architecture, Product Support and Compliance/Privacy).Requirements:Minimum 3 years of related work experience in SDLC & cloud opsDemonstrated soft skills: problem solving, leadership, communication, teamwork,flexibility and adaptability.Team player, proactive, self-driven, self-motivated, solution-oriented, hands-on.Demonstrated experience in Cloud computing technologies, full stack deployments etc.Demonstrated experience in K8S, AWS or Google Cloud Platform, Docker and other cloud native toolsDemonstrated Experience In Jenkins/ArgoCD/Tekton Or Another Common CI/CD ToolchainDemonstrated skills in Sigstore, SBOM, SLSA and secure software supply chainmanagement.Ability to develop Terraform, K8S manifests or other forms of infrastructure as codeAbility to codify Rego or Cedar policiesDemonstrated experience in SAST & DAST tools (Checkmarx, Snyk, Mayhem,BurpSuite, ZAP etc)Demonstrated experience automating security controls (eg shell scripting, python)In-depth experience in managing information security and privacy risks and threatmodeling.In-depth experience in vulnerability handling pre and post-market launchIn-depth experience in system and cloud infrastructure hardeningStrong understanding of industry standards: ISO 27000 family and HITRUSTBA/BS in Business, Information Systems, Computer Science or a related relevant areaof study is a plusCertifications are a plus: SANS GIAC (GCIH, GPEN, GCIA, GCFA and others) , CEH,CISSP, CISA, CISM, LA ISO27001.DevSecOps Engineer Remote