Senior Specialist, DevSecOps

Fremont, CA; Novi, MI; Columbia, SC; United States

Scout Motors

We're designing, engineering, and building the next generation of electric trucks and rugged SUVs for the doers, makers, and explorers. The new Scout® Traveler™ and Terra™ models are here, born from the original legend, retooled for a new era.

View all jobs at Scout Motors

Apply now Apply later

Here at Scout Motors, we're carrying forward the heritage of one of the most iconic American vehicles in history. A vehicle dating back to 1960. One that forged the path for future generations of rugged SUVs and will do so once again.

But Scout is more than just a brand, it’s a legacy steeped in a culture of exploration, caretaking, and hard work.

The Scout brand is all about respect. Respect for the environment by developing electric vehicles with the capability to get you to any location. Respect for the past and the future by taking an iconic American brand that hasn’t been around for a while, electrifying it, digitizing it, and loading it with American innovation. Respect for communities by creating a company that stands for its people and its customers. And respect for both work and play, with vehicles that are equally at home at a camp site, a job site, or on a Tuesday commute.

At Scout Motors, we empower our talented, inclusive, and entrepreneurial teams to innovate. What makes a Scout employee? Someone who is a visionary and a leader, who seeks new paths and shares lessons learned. A knowledgeable doer who collaborates across the company to build better. A go-getter with unrivaled passion.

Join us at Scout Motors and be part of shaping the future of transportation. If you're ready to drive change and make history, apply now!

What you’ll do

Become part of an iconic brand that is set to revolutionize the electric pick-up truck & rugged SUV marketplace.

The essence of this role is to:

  • Be a hands-on security specialist in the Dev-Ops build culture of Scout’s cloud-first Platform Engineering Team.
  • Lead the implementation and integration of security controls in the software development lifecycle.
  • Collaborate with system administrators and network engineers to ensure proper configuration and maintenance of security controls. Help develop and implement an organization-wide information security strategy and roadmap for software and cloud security.
  • Provide security guidance to Information Technology (IT) Teams to design and develop secure information systems, networks, and applications, ensuring alignment with business goals and regulatory requirements.
  • Define security requirements and recommend appropriate security technologies and solutions.
  • Possess a deep understanding cloud-native security concepts and the integration of security controls into IaaS – specifically AWS and Azure.
  • Implement and configure security controls such as firewalls, intrusion detection systems, encryption mechanisms, access controls, and authentication systems, using Infrastructure as Code, and DevOps practices.
  • Conduct regression testing to ensure completeness and efficacy of security controls and configurations.
  • Conduct security assessments to identify potential vulnerabilities and develop mitigation strategies.
  • Implement, operate, and automate security controls, and procedures.
  • Aid security awareness programs and training sessions for IT and engineering employees to promote a security-conscious culture.
  • Participate in incident response efforts during security incidents, support forensic investigations, and implement corrective actions.
  • Stay up to date with the latest information security trends, threats, and technologies, and provide recommendations for improvement.
  • Collaborate with internal and external auditors to ensure compliance with relevant regulations and standards.
  • Participate in audits, assess security controls, and provide necessary documentation and evidence.

Location & Travel Expectations: This role is based in Fremont, CA; Novi, MI; or Columbia, SC. Most of the responsibilities of this role can be completed virtually; however, it will require occasional attendance at in-person meetings and events. We will consider well qualified remote applicants for this role. This role is not eligible for remote work in New York City. Applicants should expect that the role may require the ability to convene with Scout colleagues in person and be able to travel to participate in events on behalf of the company from time to time. 

What you’ll bring 

We expect all Scout employees to have integrity, curiosity, resourcefulness, and strive to exhibit a positive attitude, as well as a growth mindset. You’ll be comfortable with change and flexible in a fast-paced, high-growth environment. You’ll take a collaborative approach to achieve ambitious goals. Here's what else you'll bring: 

  • Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
  • 8+ years of experience in information security, with a focus on secure development, application security, DevSecOps, and/or cloud security.
  • In-depth knowledge of information security principles, best practices, and frameworks (e.g., ISO 27001, NIST).
  • Relevant security certifications such as K8S: (CKS, KCSA) AWS Certified Security Specialty
  • Strong understanding of network and system architecture, including cloud environments.
  • Deep experience engineering security controls in cloud IaaS environments
  • Extension knowledge of Infrastructure as Code (IaC) practices such as Terraform, Pulumi, Ansible, CDK, etc
  • Experience with EKS/K8S, Helm, Kustomize and other container orchestration techniques and practices.
  • Familiarity with could-native security controls and configuration.
  • Experience in designing and implementing security solutions across multiple platforms and technologies.
  • Familiarity with regulatory requirements such as GDPR, HIPAA, PCI DSS, etc.
  • Professional certifications such as CISSP, CISM, or GIAC are highly desirable.
  • Excellent analytical and problem-solving skills.
  • Strong communication and collaboration abilities.
  • Ability to work effectively in a fast-paced and dynamic environment.

What you'll gain

The benefits of joining Scout include the chance to build products and a company from the ground up.  This is a chance to create something new and lasting – with an iconic brand at its foundation.  In addition, Scout provides competitive compensation and benefits to support your physical, mental, and financial wellbeing. Program specifics are detailed in company policies and employee benefit guides, select highlights:

  • Competitive insurance including:
    • Medical, dental, vision and income protection plans
  • 401(k) program with:
    • An employer match and immediate vesting
  • Generous Paid Time Off including:
    • 20 days planned PTO, as accrued
    • 40 hours of unplanned PTO and 14 company or floating holidays, annually
    • Up to 16 weeks of paid parental leave for biological and adoptive parents of all genders
    • Paid leave for circumstances related to bereavement, jury duty, voting time, or military leave

Pay Transparency

This is a full-time, exempt position eligible to receive a base salary and to participate in an annual performance bonus program. Final salary offered will be determined based on factors including but not limited to the candidate's skills and experience. The annual performance bonus program is preset and not candidate dependent.

Initial base salary range = $150,000-$180,000

Internal leveling code: IC8

Notice to applicants:

  • Residing in San Francisco: Pursuant to the San Francisco Fair Chance Ordinance, Scout Motors will consider for employment qualified applicants with arrest and conviction records. 
  • Residing in Los Angeles: Scout Motors will consider for employment qualified applicants with criminal histories in a manner consistent with the Los Angeles Fair Chance Initiative for Hiring Ordinance. 
  • Residing in New York City: This role is not eligible for remote work in New York City.

 

Equal Opportunity

Scout is committed to employing a diverse workforce and is proud to be an Equal Opportunity Employer. Qualified applicants will receive consideration without regard to race, color, religion, sex, national origin, age, sexual orientation, gender identity, gender expression, veteran status, disability, pregnancy, or any other characteristics protected by law. Scout is committed to compliance with all applicable fair employment practice laws. If you require reasonable accommodation to complete a job application, pre-employment testing, or a job interview or to otherwise participate in the hiring process, please contact ScoutAccommodations@scoutmotors.com.

Apply now Apply later
Job stats:  0  0  0
Category: DevSecOps Jobs

Tags: Ansible Application security Audits AWS Azure CISM CISSP Cloud Compliance Computer Science DevOps DevSecOps Encryption Firewalls GDPR GIAC Helm HIPAA IaaS Incident response Intrusion detection ISO 27001 Kubernetes NIST PCI DSS SDLC Security assessment Security strategy Strategy Terraform Vulnerabilities

Perks/benefits: 401(k) matching Competitive pay Flex hours Flex vacation Health care Insurance Medical leave Parental leave Salary bonus Startup environment Team events Transparency

Region: North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.