Sr. Staff Engineer DevSecOps

IND - Pune, India

Semtech

Semtech Corporation is a high-performance semiconductor, IoT systems and Cloud connectivity service provider.

Responsibilities:

DevSecOps Strategy:

  • Implement the Semtech DevSecOps strategy to integrate security seamlessly into the software development lifecycle.

  • Collaborate with cross-functional teams to establish and maintain secure coding standards, continuous integration, and continuous delivery pipelines.

DevSecOps Planning:

  • Establish clear project security goals and objectives, defining and prioritizing security requirements to align with organizational objectives.

  • Identify and assess potential security risks and threats, developing a comprehensive threat model for the application.

  • Set up a robust security governance structure within the project, implementing a security architecture plan and documenting all aspects of the planning process for future reference.

Security Automation:

  • Evaluate, implement, and manage security tools and technologies within the DevOps toolchain to automate security testing, vulnerability scanning, and compliance checks.

  • Ensure the tools are effectively utilized to identify and remediate security vulnerabilities early in the development process.

  • Drive the automation of security controls and processes to enhance efficiency and reduce manual intervention.

  • Implement automated security testing, code analysis, and deployment validation to maintain a high level of security without impeding development velocity.

  • Develop and maintain automated security processes for infrastructure as code (IaC) deployments.

Operations & Monitoring:

  • Maintain an incident response plan specific to DevOps processes, ensuring rapid identification, containment, eradication, and recovery from security incidents.

  • Collaborate with incident response teams to integrate DevOps-related incidents into the overall organizational response plan.

  • Implement security monitoring and adhere to incident response procedures to detect and respond swiftly to security incidents.

  • Set up automated log and event monitoring, continuously updating and patching all components across production, pre-production, and development environments to minimize vulnerabilities.

  • Monitor all environments (Prod, Pre-Prod, Dev) for security events.

  • Review and update access controls, permissions, and security policies regularly, documenting all monitoring practices for reference and improvement.

  • Work closely with DevOps to update and patch all components in all environments to address known vulnerabilities and enhance overall security.

Continuous Learning:

  • Stay current with industry trends, emerging threats, and security technologies.

  • Implement a culture of continuous learning within the team, encouraging certifications, training, and knowledge sharing.

Minimum Qualifications:

  • Bachelor's degree in computer science, information technology, or a related field (master's degree preferred).

  • Extensive experience in cloud architecture and strategy with a proven track record of successful cloud adoption.

  • Proven experience as a DevSecOps Engineer in AWS cloud environments.

  • Strong understanding of cloud security principles and best practices.

  • Hands-on experience with security tools such as AWS Security Hub, WAF, and third-party security solutions.

  • Proficiency in scripting and automation languages (e.g., Python, Shell, PowerShell).

  • Experience with CI/CD tools and practices such as GitHub Actions, Chef, Ansible, Salt, Puppet, etc.

  • Knowledge of containerization and orchestration technologies (e.g., Docker, Kubernetes).

  • Certifications: AWS Certified Security – Specialty, Certified DevOps Engineer, or Certified Information Systems Security Professional (CISSP).

  • Strong analytical and problem-solving skills.

Tags: Automation AWS CI/CD CISSP Cloud Code analysis Compliance Computer Science DevOps DevSecOps Docker GitHub Governance Incident response Kubernetes Monitoring PowerShell Puppet Python Scripting SDLC Strategy Vulnerabilities

Perks/benefits: Career development Team events

Region: Asia/Pacific
Country: India
