DevSecOps Engineer
Ramat Gan, Tel Aviv District, IL
Earnix
Real-time AI-driven rating engine, dynamic pricing, product personalization, and analytical underwriting solutions for insurance & banking from Earnix.Description
We are looking for a DevSecOps Engineer to join our Platform engineering team. This team is responsible for our SaaS security posture, developing our 24/7/365 production automation and security routines. As a part of this team, you will lead technical security-related projects, contribute code to these, enhance our security monitoring, and define best practices for secure infrastructure development. You will work closely with software architects, developers, and support engineers, to define and implement infrastructure as code.
What You’ll Do:
Develop and maintain a comprehensive map of our production security posture, identifying strengths, weaknesses, and areas for improvement. Based on that you will establish a backlog of security initiatives and improvements that need to be implemented to enhance our overall security framework. You will prioritize these initiatives based on risk assessments, regulatory requirements, and industry best practices, ensuring that we continuously evolve and strengthen our defenses against emerging threats.
Join our Platform new features development efforts and guide on best practices, contribute some of the code and review other security related aspects of the feature.
Lead integration projects with third-party solutions, ensuring alignment with our security standards.
Own security tools like CSPM, EDR, and OS patching tools, managing their configuration and performance optimization.
Stay ahead in infrastructure vulnerability management and patching policies, conducting regular security assessments.
Handle outages and security incidents, providing resolution and root cause analysis, including post-mortem documentation and a protocol for resolution and further mitigation/prevention actions.
Develop internal tools and leverage external tools to build, harden, integrate, and maintain security orchestration and automation
Requirements
You’ll do it using:
Experience with cloud identity, networking architecture and security, preferably within Amazon Web Services (AWS).
Experience with IaC and CM tools such as Terraform, CloudFormation, and Ansible.
Hands-on experience as a DevSecOps engineer with extensive knowledge in network security and tools such as Firewalls, WAF, EDR, CSPM and more.
Coding experience in Bash, Python, Go, or equivalent.
Understanding of Kubernetes, containers, and microservices architecture.
Advantage:
Experience with AWS multi account landing zone architecture and the accompanying tools
Experience with Endpoint security, vulnerability scanning, and firewall management.
Experience with Certificates, Secrets, and Key Stores
You’ll excel by:
Strong Communication Skills: Ability to collaborate effectively with cross-functional teams, clearly communicate ideas, and contribute to a positive work environment.
Problem-solving Skills: Strong analytical and critical-thinking skills to identify and solve complex technical problems.
Self-Motivated Learner: A commitment to staying up to date with industry trends, technologies, and innovations in DevSecOps.
Ownership Mindset: A commitment to thinking like an owner, taking initiative, and ensuring the success of our infrastructure.
Mentorship Abilities: Experience in mentoring and guiding team members to foster security awareness.
Position Intro
Earnix is a leading provider of advanced pricing and rating solutions tailored for the insurance industry. Our cutting-edge software empowers actuaries and data scientists within insurance companies to make data-driven decisions and optimize pricing strategies. With a commitment to innovation and a deep understanding of the insurance landscape, Earnix is at the forefront of revolutionizing how insurers approach pricing and rating.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Ansible Automation AWS Bash Cloud CSPM DevSecOps EDR Endpoint security Firewalls Kubernetes Microservices Monitoring Network security Python Risk assessment SaaS Security assessment Terraform Vulnerability management
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.