Associate, DevSecOps Engineer (Remote)

Join our mission to create a completely new, 100% digital bank that uses consumer feedback to truly meet customers’ best interests. Jenius Bank, a division of SMBC MANUBANK, and a member of SMBC Group, is being built by a close-knit and fun-loving team of financial services professionals and technology experts who came together for the challenge of building a full-service digital bank from scratch. We’re committed to doing it the right way for the customer and are growing rapidly. To learn more about our relationship to our parent company, visit our website.

The anticipated salary range for this role is between $97,000.00 and $154,000.00. The specific salary offered to an applicant will be based on their individual qualification, experiences, and analysis of current compensation paid in their geography and the market for similar roles at time of hire. The role may also be eligible for an annual discretionary incentive award. In addition to cash compensation, SMBC MANUBANK offers a competitive portfolio of benefits to its employees.
.

Jenius Bank is strategically scaling up a portfolio of products and building extraordinary experiences. In 2023, we launched our first two products reaching $1 billion in deposits and over $700 million in loans, all before Jenius Bank’s first anniversary. We don’t plan to slow down, with ambitious growth plans and the capital necessary to execute a multi-year strategic plan. We have a start-up mindset paired with SMBC Group’s 400 years of history. SMBC Group has more than 150 offices and 86,000 employees worldwide in nearly 40 countries and is committed to creating new business to better serve customers in the rapidly evolving digital environment. Join us on the journey that has caught the attention of the Banking Dive, and more to reinvent banking where smarter banking translates to a richer life.

SUMMARY:

We are looking for a candidate with a proven background in defining and implementing security engineering solutions. As the Cloud Cybersecurity Engineer, you will provide expert advice and lead the design and implementation of the security components in hybrid cloud environment including Azure and GCP. In this role, you will lead implementing solutions with a process-driven view, as well as scheduled maintenance and/or updates to existing structures.

PRINCIPAL DUTIES AND RESPONSIBILTIES:

• Plan and design methods for the optimization and integration of various forms of technology systems or policies and high-level principals.
• Apply varied engineering and design theories to produce robust, integrated functioning of various systems, technology interfaces, and/or overarching information policies and high-level principles.
• Assess the functioning of overall technology and communications systems and end-to-end processes and look for ways to upgrade and optimize systems and processes in the future.
• Work across the architecture and technology organization to ensure effective implementation, architecture compliance, and conflict resolution.
• Implement selected security solutions in the Azure and GCP Cloud environments.  This would include security related policy, deployment of end-point controls, and securing Kubernetes.
• Build the DevSecOps program vision and strategy covering all aspects from architecture, design, development, and deployment.
• Build and publish application security standards, design patterns and secure coding standards for web and mobile security
• Build and implement API Security vision and strategy including protection capabilities for securing APIs throughout their life cycle
• Establish encryption standards for the organization
• May participate in other ad-hoc projects to upgrade or install cloud components, workstations, networks, or software, or to assess and optimize overall functioning of technology, data, and processes.

POSITION SPECIFICATIONS:

• Minimum of 3 years of experience in Cybersecurity and/or related field. 
• Bachelor’s degree or equivalent work experience, Azure/ GCP certifications
• Experience designing, building, and implementing security architecture within cloud environments 
• (AWS, Azure, GCP, etc.) Azure and GCP preferred.
• Proficient knowledge and use of Terraform for automation.
• MS Defender, Sentinel, CrowdStrike, Rapid7, Imperva, Palo Alto Firewalls and native cloud firewalls
• Experience with industry security frameworks (CIS, NIST)
• Foundational and functional understanding of how APIs works (RESTful)
• Understanding of API and Service Mesh security - specifically on common controls for API security (SSO, OAuth, Threat Protection)
• Applicable security certifications desired; CISSP, CEH, GIAC, GSEC, or CSSLP or advanced degree in InfoSec.
• Azure/GCP Architecture certification preferred.

EOE STATEMENT
We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law.

CCPA DISCLOSURE
Personal Information Collection Notice: This notice contains information under the California Consumer Privacy Act (CCPA) about the categories of personal information (PI) of California residents that SMBC MANUBANK collects and the business or commercial purpose(s) for which the PI may be used. We do not sell PI. More information about our collection and use of PI may be found in our CCPA Privacy Policy at https://www.smbcmanubank.com/privacy/ccpa-disclosure. Persons with disabilities may contact our Customer Contact Center toll-free at (877) 560-9812 to request the information in this Notice in an alternative format.