DevSecOps Engineer
At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.
At Northwestern Mutual we are looking for a hardworking technologist who is looking to grow their career in our DevSecOps - Application and Cloud Security. The DevSecOps Engineer will have the opportunity to build integrated, automated security processes, patterns, and tools, in collaboration with application and platform teams to deliver secure products for our clients and financial representatives.
In this role, the candidate can expect to:
- Engineer secure, resilient enterprise-grade public cloud patterns and processes in tandem with architects and system engineers that meet organization policy and standards
- Assist in the rollout and implementation applications to support our SDLC including SAST, DAST, SCA, and RASP
- Lead technical support of application security capabilities and respond to service and issue tickets within service-level agreements
- Actively supervise, assess and recommend tactical and critical initiatives based on new and emerging threats posing risk to our environments
- Stay apprised of current and proposed security changes impacting regulatory, privacy and security industry standard methodologies
- Assist in remediation efforts after security assessment findings outline weaknesses requiring attention
Required Skills:
- Familiarity of traditional or cloud computing, including networking, compute, storage, app development, data, operations, or security
- Proficiency with development and scripting languages (Python, Java, Powershell or Bash)
- Familiarity with applicable frameworks from NIST and OWASP
- Track record of acting with integrity, taking pride in work, seeking to excel, being curious, adaptable and presenting effectively
- Strong ability to maintain and strengthen relationships with internal and external partners
Preferred Skills and Experience
- Bachelor's or Associate's degree with an emphasis in Cybersecurity, Computer Science, Computer Engineering, Software Engineering, MIS or related field
- 1-3+ years' experience in AWS or application security
- Knowledgeable about secure architecture, engineering and design principles
- Experience conducting security tests
- Knowledge of common application and cloud security tools, such as Burp, Zap, Checkmarx, InsightAppsec, PrismaCloud, InsightAppsec, InsightCloudsec, Jfrog Xray
- Experience in development of applications through automated deployment and orchestration services, such as GitLab, Jenkins, Ansible or Kubernetes
- Experience with Infrastructure as code concepts and tooling including Terraform or Cloud formation
- Relevant certifications from AWS, SANS, ISC(2) and associated technology partners
Our Benefits!
- Highly competitive compensation, including annual bonus opportunities
- Medical/Dental/Vision plans, 401(k), pension program
- Tuition reimbursement, commuter plans, and paid time off
- Extensive Professional Training Opportunities
- Excellent Work/Life Balance
- Hackathons/Dedication to Innovation
#LI-post
This job is not covered by the existing Collective Bargaining Agreement.
Required Certifications:
Grow your career with a best-in-class company that puts our client's interests at the center of all we do. Get started now!
We are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.
If you work or would be working in Colorado or outside of a Corporate location, please click here for information pertaining to compensation and benefits.