As a SecDevOps Engineer, youll lead security efforts around our dynamic and fast-paced production environments. Youll define and create operation tools and processes, and play a hands-on role in directly impacting work across all R&D flows.
Responsibilities
Secure and monitor live production environments.
Perform security drill-downs and investigations.
Act as a subject matter expert and manage security incidents across all organizational environments.
Implement monitoring and alerting procedures and mechanisms.
Design and implement automation processes for security monitoring and incident response-related flows.
Design, implement, and develop security solutions according to R&D/production needs.
Identify new security threats, and trends by conducting continuous monitoring, vulnerability assessments, and log analyses.
Conduct regular internal and external security assessments, vulnerability scans, and penetration testing of systems and applications to identify and remediate security weaknesses and threats.
Manage Elementors bug bounty program.
Generate regular reports on security metrics, compliance, and incident response activities for management and stakeholders.
3+ years of hands-on DevOps experience in a cloud environment.
At least 2 years of experience with Kubernetes, containers, and serverless security.
1+ years of relevant industry experience in security, with a solid knowledge of information security principles and practices.
Experience integrating security into CI/CD pipelines.
Experience with cloud vendors such as GCP/AWS – Must
In-depth understanding and proven experience in security monitoring and analytics.
AppSec – Knowledge of SSDLC best practices around application security.
Strong understanding of cybersecurity and network principles.
Advantages
Solid understanding of security/operations infrastructure.
Experience with large-scale cloud infrastructures and services.
Experience leading integration processes for SIEM systems.
Experience with incident response (IR) attacks and mitigation methods.
Experience building tools and processes using Python or Go to address security-related needs.