DevSecOps Manager

Company Description

Balsam Brands is a global, eCommerce retailer with roots in seasonal, Christmas, and home décor. We are thrilled to extend our reach into Mexico, bringing the magic of the holidays to a vibrant new location. Your role will be pivotal in shaping the future and trajectory of our company!

Why Balsam Brands? Our people-first approach means that you're a valued member of a community that values relationship building, authenticity, and doing the right thing. We've been sharing joy across the globe, with growing teams in Boise, ID, Redwood City, CA, Dublin, IE, and Manila, PH. Now, we're excited to welcome talent from Mexico!

Our Mission: Create Joy Together. At Balsam Brands, we're about more than just the products we sell; we're about creating experiences that inspire meaningful moments with family and friends. Your work will contribute to our larger mission of giving back to our families and communities in impactful ways. You'll join a culture of caring and interesting people doing challenging work to grow together to delight our customers. Together, we're building a workplace where everyone feels welcome, supported, and encouraged to bring their best selves to work every day.

Ready to be a part of the joy? Explore more about the DevSecOps Manager role below and apply today!

Job Description

As a DevSecOps Manager you will be responsible for overall design and direction of eCommerce Security Engineering across all our applications. This role is responsible for building platforms and frameworks to create consistent, verifiable, and automate management of applications and infrastructure between non-production and production environments. Leading a team of DevOps Engineers, you will drive the design and automation of processes to support the CI/CD of digital technology, enterprise systems, microservices applications, and database services. You will also provide guidance or implement mitigation to address discovered abuse patterns using modern security tools and work with developers and performance engineers to help secure the solution.

This role is critical for developing and maintaining the security posture of digital commerce applications. You will be responsible for identifying and implementing security principles and best practices to ensure application security. Your tasks will include vulnerability scanning, creating processes for analyzing web traffic to identify abuse patterns, and addressing the impact of non-human HTTP traffic on performance and security by applying blocks, rate limits, tarpits, or other remediation methods.

This full-time position reports to the Director of Quality Assurance and has been categorized as a teleworker position. Teleworkers do not have a permanent corporate office workplace and, instead, work from home. To ensure sufficient overlap with functional and cross-functional team members globally, some flexibility with this role's regular work schedule will be required. Most of our teams have overlap with early morning and/or early evening PST. Specific scheduling needs for this role will be discussed in the initial interview.

What you’ll do:

• Provide supervision to a small team, defining tasks aligned with common goals, and fosters the professional development of team members through active discussion, feedback, coaching, and mentorship 
• Analyze, develop, and recommend improvement of software security infrastructures and standards  
• Ensure direct and regular engagement with product/software development and infrastructure teams to achieve security compliance and security requirements within the organization
• Identify and address data security issues, provide secure coding guidance, assess vulnerabilities, and ensure regulatory compliance (PCI-DSS, HITRUST, NIST, SOX, SOC).Provide security guidance on infrastructural designs and organize numerous risk assessments to identify and eliminate application/product threats
• Automate software maintenance for CI/CD pipeline applications like Jenkins and SonarQube.
• Design and maintain cloud-based solutions on public cloud
• Partner with software engineers and QA team to automate and streamline our operations and processes
• Stay up-to-date on the latest DevSecOps trends and technologies and propose new solutions for continuous improvement

What you bring to the table:

• Must have:
  • Minimum of eight (8) years relevant experience in designing and building frameworks and tools  
  • Must be fluent in English, both written and verbal
  • Experience in the design and implementation of fully automated Continuous Integration, Continuous Delivery, Continuous Deployment pipelines and DevOps processes for Agile projects
  • Experience with Chef, Puppet, Salt, or Ansible
  • Knowledge of IP networking, VPN's, DNS, load balancing and firewalls
  • Experience with monitoring and log aggregating frameworks such as Kafka, Logstash, Splunk, ElastiSearch, NewRelic, and Kibana
  • Experience implementing and designing cloud-native security concepts, DevSecOps or MLOps
  • AWS/Azure Certification(s) such as Solutions Architect Pro, DevOps Engineer Pro, SysOps Admin, Developer Associate
  • Experience in systems automation, orchestration, deployment, and implementation, as well as experience with scaling distributed data systems
  • Experience architecting cloud native CI/CD workflows and tools, such as Jenkins, Bitbucket Pipelines, Azure DevOps, Bamboo, TeamCity, Code Deploy (AWS) and/or GitLab
  • Hands-on experience with microservices and distributed application architecture, such as containers, Kubernetes, and/or serverless technology
  • Ability to work with offshore teams & development partners
• Nice to have:
  • Experience with other commerce platforms such Commerce Tools / Oracle Commerce / Salesforce Commerce
  • Working experience in a headless architecture
  • Hybris certification

Location and Travel: At Balsam Brands, we believe that time spent together, in-person, collaborating and building relationships is important. To be considered for this role, it is preferred that candidates live within the Mexico City, Guadalajara, or Monterrey metropolitan areas in order to attend occasional team meetings, offsites, or learning and development opportunities that will be planned in a centralized location. Travel to the U.S. may be required for companywide and broader team retreats.

Notes: This is a full-time (40 hours/week), indefinite position with benefits. Candidates must be Mexican nationals to be eligible for this position; this screening question will be asked during the application process.  Velocity Global is the Employer of Record for Balsam Brands' Mexico City location, and you will be employed and provided benefits under their payroll. Balsam Brands has partnered with Velocity Global to act as your Employer of Record to ensure your employment will comply with all local laws and regulations and you will receive an exceptional employment experience.

• Check out our flagship brand, Balsam Hill: www.balsamhill.com
• Balsam Brands in Forbes: https://bit.ly/balsambrandsforbes2023 
• LinkedIn: http://www.linkedin.com/company/balsam-brands
• Glassdoor: https://bit.ly/balsambrands-glassdoor

Benefits Offered:

• Competitive compensation; salary is reviewed yearly and may be adjusted as part of the normal compensation review process
• Career development and growth opportunities; access to online learning solutions and annual stipend for continuous learning
• Fully remote work and flexible schedule
• Collaborate in a multicultural environment; learn and share best practices around the globe
• Government mandated benefits (IMSS, INFONAVIT, SAR, 50% vacation premium)
• Healthcare coverage provided for the employee and dependents
• Life insurance provided for the employee
• Monthly grocery coupons
• Monthly non-taxable amount for the electricity and internet services 
• 20 days Christmas bonus
• Paid Time Off: Official Mexican holidays and 12 vacation days (increases with years of service), plus additional wellness days available at start of employment 

Additional Information

All your information will be kept confidential according to EEO guidelines.