<p>Long-term employment with opportunities for growth.</p> <p>Discover more about our organization, culture, and employee benefits by visiting this page.</p> <p>Explore life at Seaboard Marine: https://explore.seaboardmarine.com/pomrecruitment</p> <p>We offer excellent benefits including:</p> <ul> <li>401(K) Retirement Saving Plan w/ Employer Match </li><li>Low-Cost Health, Dental & Vision insurance (Starting DAY ONE) </li><li>Tuition & Certification Reimbursement </li><li>Paid Time Off - (15 Days; prorated before 1st year) </li><li>Parental Leave </li><li>Paid holidays </li><li>POSITION SUMMARY: </li></ul> <p>The development, security, and operations (DevSecOps) Engineer ensures that security is a core part of the software development life cycle (SDLC) by integrating security practices and tools into the company development process. They understand and explain to developers and management the security aspect of development and how to build secure codes. Effective interpersonal and communication skills and the ability to work with the security and development teams are required for this role.?This position will manage and execute the DevSecOps process daily. It will use tools to perform code scans and verifications and collaborate with the development teams and management to analyze the codes, show remediation steps, and identify areas for improvement. It will also work with developers and operations staff to ensure security is a shared responsibility, maintaining a culture of security awareness. To perform this job successfully, an individual must be able to satisfactorily perform each essential duty. The requirements listed below are representative, but not necessarily a complete list, of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions.</p> <p>GEOGRAPHIC REGION:</p> <p>Applications out of the geographic region for this position will not be considered.</p> <p>QUALIFICATIONS:</p> <p>Required</p> <ul> <li>Bachelor's degree in Computer Science, Information Security, or a related field. In lieu of a degree, a minimum 10 years' experience in cybersecurity and/or development. </li><li>Proven experience in a DevOps, cybersecurity, or related role. </li><li>Proficiency in programming languages such as Python, Java, or Ruby, and scripting languages for automation tasks. </li><li>Familiarity with CI/CD tools, container orchestration, and infrastructure as code (IaC) tools. </li><li>A strong understanding of security principles, practices, and tools. This includes knowledge of threat modeling, risk management, security protocols, encryption technologies, and vulnerability assessment. </li><li>Understanding of risk assessment techniques and security best practices. </li><li>Skills in securing cloud environments, including experience with cloud service providers like Azure and AWS and understanding of cloud-native security tools and practices. </li><li>Understanding of network architectures, protocols, and secure network design. Knowledge of system administration is also crucial for securing the underlying infrastructure. </li><li>Awareness of legal and regulatory requirements related to information security, such as GDPR, HIPAA, and SOC 2. </li><li>Ability to identify security issues and vulnerabilities and develop effective and efficient solutions or mitigations. </li><li>Strong communication skills to effectively collaborate with development, operations, and business teams, and to promote a culture of security awareness. </li><li>Commitment to staying updated with the latest security trends, threats, and technologies, and the willingness to continuously learn and adapt. </li><li>Skills in handling security breaches and incidents, including the ability to lead or participate in incident response efforts. </li></ul> <p>DUTIES AND RESPONSIBILITIES:</p> <p>Primary</p> <ul> <li>Implement and maintain security tools and practices within the CI/CD pipeline. </li><li>Conduct regular security assessments and vulnerability testing to identify and mitigate risks. </li><li>Collaborate with software developers to incorporate secure coding practices. </li><li>Use tools to automate scans, code verification, and other security tasks. </li><li>Automate security processes to ensure seamless integration into the development workflow. </li><li>Monitor and respond to security incidents, ensuring rapid and effective resolution. </li><li>Stay updated with the latest security threats and trends and advise on necessary updates or changes to security protocols. </li><li>Work with cloud-based infrastructures, ensuring they are securely configured and compliant with industry standards. </li><li>Promote a culture of security awareness across the organization. </li></ul> <p>Secondary</p> <ul> <li>Provides IT support for regulatory and compliance activities. </li><li>Creates helpdesk support tickets. </li><li>Keeps IT informed on tips and techniques to enhance cyber security posture. </li><li>Recommends security enhancements. </li><li>Additional duties as assigned. </li></ul> <p>PHYSICAL REQUIREMENTS:</p> <ul> <li>The employee is continuously required to sit and use his fingers. </li><li>The employee frequently is required to talk and/or hear. </li><li>The employee is frequently required to stand and walk. </li><li>The employee must occasionally lift and/or move up to 10 pounds. </li><li>Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and ability to adjust focus. </li></ul> <p>SAFETY REQUIREMENTS:</p> <ul> <li>Report safety hazards. </li><li>Immediately report incidents involving injury, illness, or property damage. </li><li>Wear protective PPE (Personal Protective Equipment) as instructed or necessary. </li><li>Comply with all company safety policies, procedures, and rules. </li><li>Refuse any unsafe task or operation. </li><li>Participate in safety meetings and training. </li><li>Be constantly aware of their personal safety and that of their coworkers. </li></ul> <p>SUPERVISION RECEIVED AND EXERCISED:</p> <p>Reports directly to the Senior Manager - IT Security. Does not exercise supervision over other staff.</p> <p>CONDITIONS:</p> <ul> <li>Work is performed primarily in the office. </li><li>The noise level in the work environment is usually quiet to moderate when work is performed in the office environment. </li></ul> <p>DISCLAIMER:</p> <ul> <li>We are an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other protected characteristic as outlined by federal, state, or local laws. </li><li>If an applicant with a disability is unable or limited in their ability to use or access our online application center as a result of their disability, they can request reasonable accommodations by sending an email to accommodations@seaboardmarine.com </li><li>The duties listed above are intended only as illustrations of the various types of work that may be performed. The omission of specific statements of duties does not exclude them from the position if the work is similar, related or a logical assignment to the position. </li><li>The job description does not constitute an employment agreement between the employer and employee and is subject to change by the employer as the needs of the employer and requirements of the job change. </li></ul>