Devsecops Engineer Job in Vocera Communications.

Position Description Vocera is Looking for a DevSecOps Engineer. You will play a key role as part of our DevOps team, securing primarily the Vocera stack on the AWS platform, as well as designing and implementing security infrastructure as code for private/public cloud. You will be responsible for maintaining existing and new configuration management code and infrastructure. We believe in automation of operational tasks, and are seeking a devsecops engineer with a developer mindset. You will work on a small team so ability to learn quickly and work independently is essential for this role. This position reports to the Manager, DevOps.

Responsibilities

• Configure and secure production and non-production environments in AWS
• Collaborate effectively with Engineering and other key stakeholders to negotiate necessary code security changes
• Monitor, debug and troubleshoot security issues in cloud
• Track compliance requirements and ensure the environment supports business needs (HIPAA, PCI, etc.)
• Evaluate tools for enrichment of DevSecOps
• Participate in incident reviews and work on continuous improvement of operation environments
• Develop and maintain tools for patching and auditing for Windows and Linux based software stack
• On Call experience with incident response handling (PagerDuty)

Competencies

• Strong automation mindset, operational rigor, attention to details, and ability to collaborate with key stakeholders in Engineering, Support, and Product Management
• Excellent communication, presentation, interpersonal and analytical skills, including the ability to communicate complex, interactive design concepts clearly and persuasively across different audiences and varying levels of the organization
• Solid understanding of PKI infrastructure
• Experience with Key Management using tools like hashicorp vault, ansible vault
• Continuous Key Rotation process for end to end cloud systems (AWS Console and Services, OS)
• Solid understanding of Linux OS, Git, SSL, SSH
• Proven Results Should be able to demonstrate past accomplishments developing consumer grade security automation using configuration management tools
• Doer Mindset Ability to independently execute against deadlines.
• Passionate about DevSecOps and modern DevOps toolset.
• Resourceful, able to solve complex problems using online and team resources
• Knowledge of SQL / NoSQL databases a plus
• Knowledge using CI-CD (Jentins, Harness, Spaniker

Requirements

• BS Computer Science / Engineering or related field or equivalent
• 5+ years of experience maintaining applications and services on AWS including at least 3 years with multiple AWS services such as EC2, IAM -MFA SSO, GuardDuty, Inspector, SSM, S3, Route53, Cloudfront, Cloudformation, lambd, KMS
• Ability to install software using packet manager, and investigate logs in Linux (Centos, ubuntu) and Windows operating system and Docker
• Solid experience with Configuration / Infrastructure automation on Windows and Linux using ansible, powershell and bash with hands on experience creating and deploying ansible role for security components
• Familiarity with Python programing language a plus
• Proven experience deploying Monitoring toolset (Prometheus, Monit and cloudwatch) in docker, Kubernetes or VMs
• Solid application security knowledge using tools like SIEM (Loki, Wazuh, ELK), Guardduty, Inspector or similar
• Understanding of Container Security and Kubernetes Security (Signing, RBAC, POD Security Policy)
• Experience with opensource ID IPS solutions like Zeek, Bro ID IPS, Snort,
• Experience with IDP/SP like keyclock, gluu, Ory.sh
• On Call work as needed
• No travel required