Senior DevSecOps Engineer
Seismic, a rapidly growing Forbes Cloud 100 company, is the global leader in enablement, helping make sales teams better by becoming more productive and engaging with buyers in a compelling way. Seismic’s platform provides continuous guidance to improve behavior, content, and skills to win more deals and deliver better experiences. Nearly 2,000 organizations including IBM and American Express have made Seismic their enablement platform of choice. Seismic integrates with business-critical platforms including Microsoft, Salesforce, Google and Adobe. Seismic is headquartered in San Diego, with offices across North America, Europe, and Australia.
At Seismic, we like to have FUN and work hard, it's at the core of what we do. Our Toronto team is no exception! And we're growing like crazy, too! You get to be a part our highly collaborative and innovative environment, while working on an award winning, content engagement platform, and have a lot of fun while doing so.
As part of the Cloud Engineering team, the DevSecOps team at Seismic upholds the security best practices for SDLC and cloud infrastructure. As we continue to grow and scale our product, we continuously iterate to improve security and operational best practices for build, release, deployment, and reliability.
Our DevOps engineers play a critical role in the success of our product as we focus to shorten the process of development to delivery. With a solid understanding of software engineering, our geographically distributed team creates tools, scripts, and frameworks to help teams quickly and reliably release code to production. Additionally, we work closely with development teams to drive the adoption of tools and best practices throughout the SDLC. Initiatives you work on may include streamlining identity and access management, standing up a new environment, evaluating CNCF tools, or expanding into new clouds.
Who You Are:
- A strong analytical thinker and problem-solver
- Self-starter and quick learner with proactive mindset and good communication skills
- You possess a strong sense of ownership and take pride in the work that you do
- Thrive in ambiguous situations, you know when to take charge and move forward
- Passionate for automation, you understand that automation not only saves time, but allows developers to spend more time doing what they do best - code!
- Well versed in best practices in the DevSecOps and Cloud Engineering fields
What you will be doing:
- Research, architect, implement and support technologies and processes to automate security operations that seamlessly integrate into software development, CICD, and cloud infrastructure
- Research, architect, implement and support monitoring, auditing, and reporting solutions that support security and compliance needs
- Lead and coordinate the technical investigation and remediation efforts in case of security incidents
- Work closely with developers during the deployment and testing phases to provide insights into security best practices
- Advocate and implement industry best practices for configuration management and build/deployment automation
- Participate in an on-call rotation to triage and analyze abnormalities in security operation
What you bring to the team:
- Bachelor’s degree in Computer Science or related field OR equivalent experience
- Must have 5-8+ years’ experience in a DevSecOps / DevOps engineering role, with experience in the following:
- Evaluating, developing, and implementing DevSecOps tooling and processes to embed security within the SDLC.
- Application security testing tools (SAST, DAST, IAST, OSA, or similar.)
- Working knowledge of vulnerability assessment and security/penetration testing
- Cloud platforms such as Azure, AWS, Google Cloud, IBM Cloud, etc.
- Containerization such as Docker, Kubernetes, and infrastructure as code such as Terraform
- The build and release process and continuous integration and delivery
- Strong scripting and tools created in a scripting language like PowerShell, Shell, Bash, or Python
- Local and wide area networking technology and concepts: TCP/UDP, TLS/SSL, HTTP, NAT, VPN, etc. IPv6 as asset
- Working knowledge of PKI, asymmetric and symmetric encryption, and other cypher technologies
- CISSP certification is a plus
What We Bring:
At Seismic, we celebrate ideas and innovation. From the technology we create, to the company we keep, we're changing the way our world works and we're having a lot of fun along the way. As a tech "unicorn", this is an amazing opportunity for the right person to join and guide the technical vision of this pre-IPO software company as we make history in the sales enablement space!
What we have for you:
- Generous PTO, paid holidays, and paid parental leave
- Competitive Medical, Dental and Vision Plans
- Robust 401(k) fund options with company matching
- Flexible work schedule
- Seismic Cares volunteer program
- #OneSeismic culture that celebrates wins, encourages autonomy, ownership, and transparency
Headquartered in San Diego and with more than 1,300 employees across the globe, Seismic is the global leader in sales enablement, backed by firms such as Permira, Ameriprise Financial, EDBI, Lightspeed Venture Partners, and T. Rowe Price. Seismic also recently expanded its team and product portfolio with the acquisition of Percolate, Grapevine6, and Lessonly. Our board of directors is composed of several industry luminaries including John Thompson, former Chairman of the Board for Microsoft.
Seismic is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to gender, age, race, religion, or any other classification which is protected by applicable law.
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.