IT Security Analyst/DevSecOps Engineer

Monolithic Power Systems, Inc. (MPS) is one of the fastest growing companies in the Semiconductor industry. We are worldwide technical leaders in Integrated Power Semiconductors and Systems Power delivery architectures.   At MPS, we cultivate creativity, are passionate about sustainability, and are committed to providing leading-edge products and innovation to our customers. Our portfolio of technology helps power our world --- come join our team and see how YOU can make a difference.

This IT Security Analyst/DevSecOps Engineer position will join a dynamic and fast-growing global IT organization in San Jose, California, or Kirkland, Washington supporting world-wide operations with major sites in the US, EU, and APAC.  The successful candidate will play a crucial role in protecting our organization's computer networks and systems from cyber threats and attacks, while also integrating security practices throughout our software development lifecycle.

Responsibilities:

• Monitor computer networks for security issues and investigate any breaches or violations
• Perform penetration testing and vulnerability assessments to identify security weaknesses
• Develop security standards and best practices for the organization
• Research the latest IT security trends and emerging threats
• Prepare reports documenting security issues and mitigation efforts
• Collaborate with IT and development teams to implement security measures and upgrades
• Ability to perform log analysis and correlating security events.
• Developing and implementing automated alert triage systems
• Conduct security awareness training for employees
• Assist in incident response and forensic analysis when security incidents occur
• Integrate security practices into the CI/CD pipeline and software development lifecycle
• Implement and manage automated security testing tools in the development process
• Work with development teams to address security vulnerabilities early in the development cycle
• Ensure compliance with security standards and regulations throughout the development process 

Requirements:

• Bachelor's degree in computer science, IT, cybersecurity, or related field
• 3+ years of experience in information security or related IT role
• 2+ years of experience with DevOps or DevSecOps practices
• Knowledge of firewalls, proxies, SIEM, antivirus, and IDPS concepts
• Familiarity with ISO 27001/27002, NIST CSF, CIS Controls and other security frameworks
• Experience with vulnerability assessment tools and techniques
• Experience working with RESTful APIs and JSON/XML data formats
• Proficient in implementing and managing identity federation protocols including OIDC and SAML
• Strong analytical and problem-solving skills.
• Experience configuring and troubleshooting Single Sign-On (SSO) solutions.
• Excellent written and verbal communication abilities
• Proficiency in scripting languages (e.g., Python, Bash, PowerShell) and version control systems (e.g., Git)
• Experience with containerization technologies (e.g., Docker, Kubernetes)
• Familiarity with CI/CD tools (e.g., Jenkins, GitLab CI, Travis CI)
• Knowledge of infrastructure-as-code and configuration management tools (e.g., Terraform, Ansible)
• Relevant certifications like Security+, CEH, CISSP, or CISM preferred

The ideal candidate will be detail-oriented, proactive, and able to stay calm under pressure. You should have a passion for cybersecurity and a commitment to protecting sensitive data and systems throughout the entire software development lifecycle.