Software and infrastructure development is a balancing act between security and speed. At a big data cybersecurity-focused start up like Terbium, we live this reality on a daily basis. Securing a distributed big data pipeline like Terbium’s Dark Web Crawler is no small feat, but we love a challenge. That’s where the DevSecOps engineers come in.
Our DevSecOps engineers get to do a little bit of everything. Terbium is looking for that DevOps engineer that has an interest in security, or security engineer that knows their way around the AWS console.
Are you in the stage in your career where you want to lead a team, design the architecture and work all the way from big picture to small details. Leadership positions are available. Apply!
If you aren’t quite looking to lead, but are a self-starter and willing to learn new skills. Apply! We always work to build the position that best fits our individual team member.
At Terbium, a DevSecOps Engineer responsibilities could include:
- Establishing a culture of agile software development
- Designing and implementing security-focused tools and services for detection/remediation of vulnerabilities in cloud and physical environments
- Maintaining a highly reliable software platforms for all Terbium Labs' products/services
- Mitigate abusive activities, such as DDoS attacks, spamming, and/or botnets against outward-facing endpoints
- Understanding security principles such as defense-in-depth, least privilege, failing securely, etc.
- Implement technical solutions for security best practices on network devices and operating systems
- Supporting the ongoing accreditation of our infrastructure per the PCI-DSS security framework
- Monitoring security events in our infrastructure using SIEM tools
Experience with the following are important:
- Continuous integration/delivery
- Security principles (defense-in-depth, least privilege, failing securely, etc.)
- Change/configuration management
- Building and maintaining cloud infrastructure
- System monitoring and log analysis
Experience with any of the following tools would be great:
- Amazon Web Services (IAM, VPC, ECS, EC2, SQS, S3, DynamoDB)
- Jenkins, GitHub, Travis-CI
- Nessus, OSSEC/Wazuh, Snort, Logstash, Elasticsearch, Kibana, Grafana
- Ansible, Bash, Python, Packer, Terraform, Consul, Vault
Don’t fit all these qualifications, but willing to learn and self-teach? Please submit a resume and cover letter for consideration, along with any supporting materials you can share to highlight your qualifications, to us at firstname.lastname@example.org. We are remote friendly.