Cloud DevSecOps Engineer
Overview:
Location: Remote (US, Canada)Travel: less than 5%
Manages Others: No
Education: Bachelor of Computer Science or Equivalent Experience
Experience: Application security experience, including dynamic & static code analysis, and a minimum of 2 years in cloud security in AWS (preferred) or GCP
The Opportunity:
Reporting to the Cloud Infrastructure Manager, the successful candidate will be instrumental in ensuring secure coding and infrastructure guidelines and best practices are in place. The position will require a strong knowledge of DevOps principles and an ability to apply security technologies and best practices in an ever-changing and fluid environment.This is an opportunity to develop and grow a career within cybersecurity in an engaging and rapidly expanding industry.
Responsibilities:
- Audit, maintain and establish best practices in a secure cloud infrastructure
- Develop, maintain, and socialize secure coding guidelines and best practices
- Work with developers to assist in designing and architecting secure systems
- Develop general techniques and frameworks that will enable other engineering teams to find flaws before they are introduced into production
- Be a security subject matter expert and respond to any internal security engineering questions/requests
- Work with other teams to help architect solutions that are inherently secure
- Correctly balance security risk and product advancement
- Perform threat modeling for existing applications
- Perform reactive incident response when a security event occurs
- Perform proactive research to detect new attack vectors
- Collaborate with infrastructure and application teams to advance their ability to take ownership of and implement secure coding techniques and follow the OWASP best practices
- Monitor the enterprise for signs of unexpected activity, and research, architect, and execute solutions that will advance internal security monitoring & controls
- Support design and maintenance of the cloud security environments, with a strong focus on AWS
Qualifications:
- 4-5 years of systems administration, DevOps or development background using multiple tools, techniques, and platform technologies
- AWS Serverless Computing experience (Lambda, Step Functions, ECS Fargate)
- Application security experience, including dynamic & static code analysis, and a minimum of 2 years in cloud security in AWS (preferred) or GCP
- Proficiency in at least one scripting or programming language (Python, Ruby or JavaScript preferred)
- Experience with Continuous Integration/Continuous Deployment (CI/CD) processes and concepts using relevant technologies and tools (e.g. GitHub Actions, SAST, DAST, SCA)
- Experience with Infrastructure-as-Code (IaC) tools and concepts at a production level (e.g. Terraform, CDK, CloudFormation)
- Ability to work independently and collaboratively, and set your own goals
- Excellent analytical skills: able to break down complex, multi-faceted problems into actionable steps without over-simplification
- Ability to communicate security-related concepts to a broad range of technical and non-technical staff in an articulate manner
- Understanding of frameworks such as OWASP Top 10 and OWASP Application Security Verification Standard
Nice to have:
- Experience with AWS SSO/Identity Center and external Identity Providers like Azure AD/Entra (preferred), Okta, Auth0
- IoT and embedded security experience
- Any relevant AWS or security certification
- Familiarity with SOC 2 or other compliance frameworks
- BusPatrol Value Proposition:
WHAT WE OFFER
BusPatrol employees get:
- A competitive salary and benefits package
- Comprehensive personal time off, including volunteering and birthday days off
- An opportunity to help build a company dedicated to children’s safety
- The chance to join an innovative and dedicated team, focused on leading edge technology
- The occasion to participate in BusPatrol’s culture of safety, learning, and teamwork
BusPatrol’s school bus safety programs are violator-funded, meaning that those who break the law pay for the technology that protects children. We build solid partnerships in the communities in which we operate which, coupled with our innovative business model, leads to sustainable efforts to change driver behaviors.
HOW WE WORK
On our mission to make the journey to and from school safer for children, the way we work together and with our partners is built on foundational cultural pillars.- SAFETY
- CONNECTION
- EXCELLENCE
- IMPACT
We measure success by fulfilling our mission and keeping the company strong. We invest our time and energy in the actions that deliver results for students and for their communities.
We are looking for a valued member of the BusPatrol team to assist us in our quest to improve children’s safety. This is an important role for us and a great opportunity for the right candidate. Our environment is inclusive, diverse, ignited, built on integrity, and deeply committed.
The US salary range for this position is provided in this posting. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for salaries for the position across all US locations.Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your Talent Partner can share more about the specific salary range for your preferred location and skill level during the hiring process.
Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, and/or commission (if applicable) or benefits.
EOE/AA Disability-Veteran
Minimum US Base Salary: USD $140,000.00/Yr.
Maximum US Base Salary: USD $170,000.00/Yr.