Cloud DevSecOps EngineerDate posted 11/25/2021
Job Title:Cloud DevSecOps Engineer
Role Overview:As a Cloud DevSecOps Engineer, you will be responsible for maintaining cloud services within public cloud environments that are governed by strict controls and compliance (e.g. FedRAMP).
Your duties will include but may not be limited to the following:
• Proactive monitoring of the cloud services within your remit - be the first point-of-contact for issues.
• Monitoring of existing cloud services in terms of security compliance, which involves regular reviews of vulnerablity reports.
• Remediation of any issues reported in monthly scans & vulnerablity reports.
• Rebuilding of service containers as necessary, and performing automated regression tests on the services in your remit to ensure updates have been successful.
• Working with colleagues in the US to ensure production cloud services are updated successfully and in a timely manner.
• Build a strong relationship with the Cloud Engineering teams and become a domain expert for the cloud services in your remit.
• Improving overall operational quality through common practices and by working with engineering, testing, and product teams.
• Propose improvments to automate and evolve processes for security and compliance requirements.
• Partnering with Cloud Engineering to bring new services to market.
This is an opportunity for an ambitious cloud engineer to take ownership and drive improvements of cloud services which are critical to the McAfee Enterprise business.
Organizations and governments around the world may have different priorities and transformation initiatives, but one thing in common is that all are faced with growing risk, advanced threats, and complex environments. Today, cybersecurity strategies are critical to long-term success, and McAfee Enterprise is here to provide the industry’s only comprehensive, proactive, cloud security platform. Our technology is designed to protect the people, hybrid infrastructure, IP, and reputation of your business through our actionable threat intelligence and world-class solutions. With a cloud-native portfolio that spans from device to cloud edge and multi-cloud, you can stay ahead of threats by predicting, preventing, detecting, and correcting them. Backed by our 30+ year history, you can trust that we have the focus, experience and expertise needed to continually innovate, and are committed to help you protect what matters most.
About the role
- Work closely with multiple teams to continue delivering services compliant with specific regulations (e.g. FedRAMP).
- Help build scalable cloud infrastructure by delivering reliable, automated deployment pipelines.
- You will have ownership and responsibilities for ensuring that the monthly security audit results are actioned in a timely manner within agreed SLAs:
- Understanding what changes are required
- Understanding the impacts of the changes
- Implement and test the changes in a controlled environment
- Report on the changes through the change management process
- Support the dedicated operations team in the US in updating production environments with relevant changes
- Update any runbooks & SOP’s based on the changes
- Collaborate with other team member on best practices.
- Assist with service deployments to staging & production environments.
- At least 3 to 5 years of hands-on working experience in building & supporting large scale cloud services using automated tools & technologies.
- 2 or more years of professional work experience supporting complex technical solutions hosted in AWS or GCP.
- Excellent written and verbal communication skills.
- Proven ability to work independently, deploying, testing, and troubleshooting systems.
- Experience working with and supporting production-level services within public cloud environments.
- Strong production support background and experience of in-depth troubleshooting.
- Experience working with solutions in both Linux and Windows environments.
- Experience using modern Monitoring and Alerting tools (Prometheus, Grafana, Alerta, Opsgenie etc.)
- Knowledge of ITIL (IT Service Management) – incident management, problem management, release management & Agile practices is a bonus.
- Experience with the tools (Jenkins, TeamCity, etc.) and processes used to support a Continuous Integration and Continuous Deployment environment.
- Experience with Infrastructure as Code tools like Terraform and Ansible or equivalent tooling.
- Experience with containerization technologies and associated management tools (Docker, Kubernetes)
- Cloud Computing experience with AWS.
- Experience with PowerShell, Python, or other scripting languages.
- At least one or more AWS or GCP Certifications.
- Experience with Cloud Computing Security (IAM, Security Groups, KMS, etc.).
- Experience with the use of dynamic security scanning tools such (e.g. Nessus).
Company Benefits and Perks:
We work hard to embrace diversity and inclusion and encourage everyone at McAfee Enterprise to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.
- Pension and Retirement Plans
- Medical, Dental and Vision Coverage
- Paid Time Off
- Paid Parental Leave
- Support for Community Involvement
We're serious about our commitment to diversity which is why McAfee prohibits discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.