DevSecOps Engineer

Description

monday.com is seeking a skilled DevSecOps Engineer to join our growing team. This role requires a keen understanding of security practices integrated within the software development lifecycle. The ideal candidate will play a crucial role in securing our CI/CD pipelines, working with Web Application Firewalls (WAFs), and managing our Cloud Security Posture.

A person in this role will be a part of the team serving a key entity in communication and synchronization between the several groups of stakeholders (Infrastructure, Development, Security), fostering a culture of security awareness and collaboration across all the teams.

About The Role

Securing CI/CD Pipelines:

• Implement and manage security controls for CI/CD pipelines.
• Automate security testing and vulnerability management within the CI/CD process using tools like Terraform.
• Collaborate with development teams to integrate security best practices and policies.

Working with WAFs:

• Configure and manage Web Application Firewalls (WAFs) such as Cloudflare to protect web applications from security threats.
• Monitor and update WAF rules to respond to new vulnerabilities and attack vectors.
• Conduct regular security assessments and audits of WAF configurations.

Cloud Security Posture Management:

• Develop and implement cloud security best practices and policies.
• Continuously monitor cloud environments using tools like AWS Guard Duty, Wiz, Orca, WAF, Cloudflare and similar to ensure compliance with security standards.
• Collaborate with cloud operations teams to identify and remediate security risks.
• Managing security cloud configuration with tools like Terraform and CDK

Implementing Security Self Service approach:

• Development security tools in the organization IDP
• Testing/performing PoC of new security tools to increase efficiency development practices in the security context and foster Secure by Design principle.

Requirements

• 3+ years of experience in DevOps/DevSecOps or related roles.
• Passion for keeping systems secure
• Proficiency in any of languages Python/Go/Typescript 
• Expertise implementing Shift Left/Secure by Design inside CI/CD pipelines using tools such SonarQube, Dependabot alert, Wiz and others.
• Experience with configuring and managing Web Application Firewalls (WAFs) such as AWS WAF, Cloudflare, or similar.
• Excellent problem-solving and communication skills.

Social Title

DevSecOps Engineer

Social Description

monday.com is seeking a skilled DevSecOps Engineer to join our growing team. This role requires a keen understanding of security practices integrated within the software development lifecycle. The ideal candidate will play a crucial role in securing our CI/CD pipelines, working with Web Application Firewalls (WAFs), and managing our Cloud Security Posture.

If you are passionate about security and have the skills and experience to make an impact, we encourage you to apply!

Our Team

Position Type

About The Team (Internal)

Internal requirements