At Opal, we believe enterprise software should be beautiful, simple and designed for the job at hand. The Opal platform empowers marketing teams to collaborate within a dedicated environment to plan, visualize and deploy campaigns across all marketing channels, reducing complexity and aligning teams for better marketing results.
Our team is deeply invested in encouraging a culture that promotes design thinking, collaboration and a passion for excellence. We work together as a team to revolutionize the modern marketing organization.
Opal is seeking a Senior DevSecOps Engineer who is excited to work on a robust suite of web and mobile applications, allowing creative teams to collaborate and thrive in fast-paced environments at Fortune 500 brands and agencies all over the world.
As a Senior DevSecOps Engineer at Opal, you will improve the robustness of our security practices, compliance, tools, and infrastructure, helping our engineering teams maintain the sky-high level of trust our organization has built with customers across the globe.
You should enjoy being in both the DevOps and Security realms. You’ll have a wide scope of tasks, focusing on some of these key themes: access control, application security, infrastructure and automation security and best practices, cloud security, data security, forensics, hardening, incident response, monitoring and threat detection, remediation, creating new architectures and automation, training, and secure development.
You will also be a leader in our Platform Operations team, guiding the team toward best practices and uplifting other engineers by leveraging previous experience and sharing knowledge.
What you’ll do:
Software Engineering + Security
- Ensure the security of architecture, design, development, coding and configuration of both existing systems and new initiatives, and enforce security policies.
- Discover and plan remediation for application vulnerabilities in the Ruby/Rails platform.
- Coach fellow engineers on best practices for maintaining security throughout the software development lifecycle.
- Document and communicate discovered issues; work with teams to resolve them in a manner which improves security and encourages agility
- Research best practices for a variety of technologies and document / advise on solutions for security for multiple teams.
- Work with other members of the Technical Operations team to determine and implement changes to the company's network defense posture
- Provide security domain expertise on protective controls, to include system, network, encryption, storage, and authentication services
- Perform forensics research, Root Cause Analysis, and provide incident response
- Document and create requirements around best practices for security systems and architectures for cloud and on-premise web applications
- Research, document and implement best practices for new platforms adopted by different departments.
- Act as point (for the Product team) for all activities supporting key security certifications and the associated audits (e.g. ISO 27001, SOC 2).
- Develop technical solutions and select or build new security tools to mitigate vulnerabilities.
- Communicate with management and/or customers regarding threats, risks, assessments, and issues.
- Effectively communicate security remediation strategies.
- Build security monitoring systems from the ground up as new technologies become implemented.
- Develop hardening guidelines and review security configurations related to Linux/Unix hosts, Cloud technology deployments and common web application frameworks
- Help security-harden a stack of technologies including: Terraform, Docker, AWS, Azure, Google Cloud, Ansible, Vagrant, Jenkins
- Administer and maintain credentials for a variety of infrastructure and services
- Maintain, protect, and administer data storage systems including security, encryption, and GDPR compliance
- Build tools, systems, and processes that allow your fellow engineers to ship world-class software as quickly and efficiently as possible
- Architect, support, test, and maintain CI/CD pipelines (Blue/Green experience is a plus)
- Working closely with QA, Platform, Operations, and Experience/UI teams to automate and improve security in workflows
- Advise on and support best practices with a security mindset for a variety of technologies
- Taking part in product brainstorms to help think up the next big thing and bring a strong security stance along the way.
- Lending a helping hand, or ear, whenever necessary
- Be a leader in documenting, educating, and de-siloing of information and process
- Be a champion of supporting customer needs and finding short-term ways to fill those needs
What you’ll bring:
- 8+ Years of DevOps / SecOps / DevSecOps experience supporting enterprise-grade web applications
- Strong ability to gather and present data to support ideas, projects, and opinions
- AWS ecosystem mastery
- Strong understanding of modern web application architectures, both service-oriented and monolithic, ideally focused around Ruby-on-Rails and Elixir
- Experience with infrastructure as code and technologies behind it (Terraform preferred)
- Experience working with production web applications on cloud-based hosting and containerized technologies like Docker.
- Experience managing internal privacy and security certifications such as ISO 27001, SOC 2 and GDPR
- Experience implementing Web Application Scanning platforms
- Proven ability to act as an internal champion for security within engineering teams
- Static code analysis experience across a broad swath of languages
- Demonstrated ability to engineer security into full stack architectures on next-generation cloud and container platforms
- Detailed understanding of security industry standards and frameworks from OWASP, CIS and NIST
- Proven ability to manage projects, gaining consensus and buy-in cross functionally
- Proven ability to drive initiatives with diplomacy and empathy
- Knowledge of load balancers, network device authentication, firewalls, network segregation, VPNs, Security Information and Event Management
- Natural alignment with Opal’s Values: Professional, Intentional, Steadfast, Helpful, Creative, Passionate, and Empathetic
- Demonstrated ability to work effectively with individuals from diverse communities and cultures
Opal employees enjoy a range of benefits, some of which include:
- Competitive compensation and stock options
- Company paid individual Health, Dental, and Vision benefits, including Disability and Life Insurance
- Flexible Paid Time Off and Paid Holidays
- Paid Maternity/Parental Leave
- Flexible Spending Accounts (FSA) - Medical, Dependent Care, Transit, Commuter
- 401(k) and Roth retirement plans
- Company-sponsored outreach & activity programs
- A beautiful office space with plenty of snacks, Stumptown coffee, and friendly coworkers
Opal is an equal-opportunity employer and committed to creating an inclusive and diverse environment. We believe a diverse workplace promotes innovation and enhances decision making. We encourage applications from all qualified candidates and will consider all applicants without regard to race, color, religion, gender identity or expression, national origin, sexual orientation, disability, age, or veteran status.