Lead DevSecOps Engineer

Kaseya® is the leading provider of complete IT infrastructure and security management solutions for Managed Service Providers (MSPs) and internal IT organizations worldwide powered by AI. Kaseya’s best-in-breed technologies allow organizations to efficiently manage and secure IT to drive sustained business success. Kaseya has achieved sustained, strong double-digit growth over the past several years and is backed by Insight Venture Partners www.insightpartners.com), a leading global private equity firm investing in high-growth technology and software companies that drive transformative change in the industries they serve.

Founded in 2000, Kaseya currently serves customers in over 20 countries across a wide variety of industries and manages over 15 million endpoints worldwide. To learn more about our company and our award-winning solutions, go to www.Kaseya.com and for more information on Kaseya’s culture, please click here: Kaseya Culture.

Kaseya is not your typical company. We are not afraid to tell you exactly who we are and our expectations. We have achieved record levels of success being BOLD, being GRITTY, being ACCOUNTABLE. The thousands of people that succeed at Kaseya are prepared to go above and beyond for the betterment of our customers, and the betterment of their careers and long-term financial wealth. 

WHAT YOU’LL DO: 
As a cutting-edge technology company, we are searching for a talented Lead DevSecOps Engineer to join our exceptional team. Kaseya is a leader in delivering groundbreaking solutions that empower businesses to thrive in the digital age. You should be a technical contributor who will design, build and execute DevSecOps strategies.  In this position, you will be responsible for planning, coordinating, and executing initiatives that improve the security posture of Kaseya. You will be responsible for executing DevSecOps activities, promote cybersecurity culture and mentor cybersecurity engineers.
 
WHAT WE ARE LOOKING FOR: 
The ideal candidate for this role is an experienced DevSecOps Engineer with a passion for security and strong leadership skills. This person must have effective communication, project management, and team management skills. An applicant will also show the ability to work autonomously, self-direct when needed, be ok with failing but failing forward, and finally show fortitude and grit.
Prior experience as a DevSecOps engineer is required, the candidate must have experience and demonstrate capability in this domain. This person must have effective communication and project management skills.
THE SCHEDULE: 
This position is 100% in our Dundalk office or remote.
Key Responsibilities
•    Define Security Standards: Develop and enforce security best practices, guidelines, and frameworks to be used throughout the DevOps pipeline.
•    Secure Development Lifecycle (SDLC): Ensure security principles are integrated into each phase of the SDLC, from design to deployment, through security tools, code reviews, and best practices.
•    Threat Modeling and Risk Assessment: Identify potential threats to applications and infrastructure, evaluating the likelihood and impact of these risks, and working with teams to mitigate them early in development.
•    CI/CD Pipeline Security: Integrate security testing (such as SAST, DAST, and vulnerability scanning) into CI/CD pipelines to automate security checks and detect vulnerabilities in real time.
•    Infrastructure as Code (IaC) Security: Implement security measures in IaC, ensuring secure configurations of cloud infrastructure and monitoring for drift from these configurations.
•    Automated Compliance: Develop automation scripts for continuous compliance checks, ensuring regulatory requirements (like GDPR, HIPAA, or PCI-DSS) are consistently met.
•    Educate and Train: Conduct security awareness and training sessions for developers, operations, and product teams to foster a security-first culture.
•    Stakeholder Collaboration: Work closely with other engineering, product, and business teams to align security with organizational goals without compromising agility.
•    Mentorship and Leadership: Mentor junior security and DevOps engineers, guiding them in implementing secure coding practices, CI/CD security, and other DevSecOps practices.
•    Evaluate and Implement Security Tools: Research, assess, and implement the right security tools for code scanning, monitoring, vulnerability assessment, and infrastructure security.
•    Optimize DevSecOps Toolchain: Ensure the toolchain is optimized for performance, security, and scalability while maintaining compatibility with existing development and operational workflows.
•    Configuration Management and Version Control: Manage secure configuration and version control for systems, ensuring compliance and minimizing the risk of misconfigurations.
Skills & Experience Required
•    Technical Expertise: Proficient in DevSecOps practices, with expertise in Linux, Kubernetes, Docker, Jenkins, and cloud platforms (AWS, Azure).
•    Coding & Scripting: Advanced skills in Python, Bash, and infrastructure-as-code (e.g., Terraform).
•    Security Tools: Experience with vulnerability scanners (e.g., Snyk, WIZ, GitHub advance security…) and SIEM solutions.
•    Communication: Skilled at cross-functional communication with DevOps, IT, and Security teams.
WHAT YOU’LL BRING:
•    Prior experience as DevSecOps Engineer 
•    Working understanding of modern security vulnerabilities and best practices in the SDLC.
•    Strong understanding of Linux and Windows Operating Systems.
•    Experience scripting and automating mechanisms in the SDLC.
•    Working experience in enterprise environments.
•    Experience on implementing security mechanisms in complex environments.
•    Strong written and verbal communication skills, with a passion for documentation.
•    Works effectively under pressure in a fast-paced, dynamic environment.
•    Strong work ethic and an insatiable desire to learn.
•    It thrives in a team-based environment leaving ego at the door. 
•    Continuously strive for the betterment of engineering at Kaseya.
•    Develop and enforce Security standard methodologies, processes, and tools.
•    Be the bridge between DevSecOps Engineers, Software and Systems engineering.
•    Identify trends in need of a larger solution, beyond the scope of the immediate problem. 
•    Champion best Security practices within the organization.
•    Solve complex and challenging problems with simple, maintainable, and scalable solutions.

Join the Kaseya growth rocket ship and see how we are #ChangingLives !

Additional information
Kaseya provides equal employment opportunity to all employees and applicants without regard to race, religion, age, ancestry, gender, sex, sexual orientation, national origin, citizenship status, physical or mental disability, veteran status, marital status, or any other characteristic protected by applicable law.