DevSecOps Engineer II

Summary

Our organization is actively recruiting highly qualified professionals from various regions of the United States. This is a remote position.

We are seeking a highly skilled DevSecOps Engineer II to join our Information Security team. As a DevSecOps Engineer II, you will be responsible for developing and maintaining our Infrastructure as Code (IaC) pipelines on AWS and Azure. You will work closely with our development and security teams to ensure that our infrastructure meets the highest standards of security and compliance.

The ideal candidate must have hands-on experience with security engineering tasks in DevSecOps workflows. This includes maintaining security controls implemented in the software development lifecycle and collaborating with developers to ensure that security is built into the code by ensuring the continued functionality of linting tools and related policies. They should also be proficient in maintaining Terraform IAC (Infrastructure as Code), as well as scripts in Python, Bash or Powershell that automate security tasks and improve efficiency.

Finally, the applicant must have excellent problem-solving skills, be detail-oriented, and have effective communication skills. They must be able to work independently and as part of a team, and be comfortable working in a fast-paced, dynamic environment.

Visa Sponsorship Available

No

Minimum Requirements

Combination of Education and Experience will be considered. Must be authorized to work in the US as defined by the Immigration Act of 1986. Must pass a Criminal Background Check.

Education: Bachelor’s Degree. Degree in relevant field. (Experience may be considered in lieu of degree.)

Certification: Technical certifications or equivalents.

Years of Experience:

•Minimum five (5) years of supporting / implementing network security platforms & strategies.

•Minimum three (3) years of experience in information security.

•Thorough understanding of information security—call it a security ethos—capable of being shared as best practices that provide guidance to other organizations within Allegiant as well as provide skills uplift to the information security engineering team.

•Capable of ensuring the uptime and reliability of Allegiant's information security systems. Problem resolution skills are critical to this role as they must be able to swiftly pinpoint and remediate security tool concerns.

•Well-versed in one or more cloud service providers, capable of providing leadership and guidance to the security engineering team.

•Ability and willingness to partner to cross functional teams and, as such, should be succinct and articulate across all communication mediums, whether voice, chat, email, or via documentation.

•Possess deep cybersecurity knowledge and the ability to integrate security practices into the development process and collaborate with development teams to ensure secure coding practices. This will mean performing regular code reviews, meeting with development teams, and performing vulnerability management within the infrastructure—which, by extension, means that competence with various DevOps toolkits will need to be maintained.

•Hands-on experience with security engineering tasks in DevSecOps workflows.

•Strong knowledge of, and long working experience with, Terraform Infrastructure as Code.

•Capable of utilizing and maintaining popular code linting tools such as Bandit, JShint, ShellCheck, ESLint, Pylint, Checkov (IAC) and Rubocop to enforce coding standards and improve code quality.

•Skilled in the creation and maintenance of scripts in Python, Bash or Powershell to automate security tasks and improve efficiency.

•Strong knowledge of public cloud security and private cloud security constructs, and the effective deployment of cloud security tools such as network security groups, NGFW, IAM.

•Skilled communicator with experience coaching junior engineers and providing succinct documentation.

•Familiarity and experiences with Amazon routing and load balancing technologies including ALB (Application Load Balancers), NLB, and Gateway Load Balancer.

•Experience Network routing protocols such as BGP, OSPF, EIGRP, IGRP, RIP, and RIPv2 with accompanying best practices.

•Experience with Cloud network resources such as VPC (Virtual Private Cloud) peering and Transit Gateway.

•Experience and proven ability to work under time constraints and pressure.

•Ability to work independently and as part of a team, and being comfortable working in a fast-paced, dynamic environment.

•Capable of advising and implementing CloudFormation & Terraform IAC best practices and security.

Job Duties

•Develop and maintain Infrastructure as Code (IaC) pipelines on AWS and Azure.

•Work closely with development and security teams to ensure that our infrastructure meets the highest standards of security and compliance.

•Build and maintain automated security and compliance checks for our infrastructure.

•Develop and maintain monitoring and alerting systems for our infrastructure.

•Automate security response and remediation processes.

•Protect the organization's computer systems, networks, and data through the troubleshooting and maintenance of security measures.

•Demonstrate excellent problem-solving skills, attention to detail, and effective communication skills.

•Remain apprised of CSP (Cloud Service Provider) best practices and documentation, maintaining appropriate certifications and sharing findings with teams during weekly meetings.

•Create and maintain scripts in Python, Bash or PowerShell to automate security tasks and improve efficiency.

•Utilize and maintain popular code linting tools such as Bandit, JShint, ShellCheck, ESLint, Pylint, Checkov (IAC) and Rubocop to enforce coding standards and improve code quality.

•Develop and maintain security policies and procedures for AWS IAM, AWS Key Management, and AWS Certificate Manager to ensure best practices are being followed.

•Monitor and maintain Cloudflare WAF to ensure that web applications are protected from OWASP Top 10 vulnerabilities.

•Manage and configure AWS Guard Duty to detect and respond to security incidents in real-time.

•Work with SIEMs to ensure that logs and events are being captured and analyzed to identify potential security threats.

•Use Terraform IAC to create and manage AWS infrastructure in a secure and compliant manner.

•Write Python scripts to automate security tasks and improve efficiency.

•Use Checkov IAC Linting to ensure that AWS infrastructure code is compliant with security best practices.

•Create and manage AWS Lambda functions to automate incident response and remediation tasks.

•Configure AWS Event Bridge and AWS CloudWatch to monitor infrastructure and trigger alerts when security events occur.

•Work with the team to review and approve Github pull requests, and troubleshoot Github action and custom pipeline builds.

•Troubleshoot AWS Network Infrastructure and infrastructure as code to promptly resolve incidents and minimize downtime and maximize uptime.

•Advise on network protocol, operating system, cryptography, and AWS cloud security.

•Maintain security controls, evaluate products and technologies, and integrate them into IT systems and applications.

•Deploy AWS security measures and conduct regular security assessments.

•Debug Terraform & CloudFormation infrastructure as code builds in custom pipelines as well as in GitHub Actions.

•Work independently and as part of a team in a fast-paced, dynamic environment.

•Deploy security measures to protect data stored on public clouds against unauthorized access.

•Deploy identity and access management roles and permissions in Allegiant’s cloud providers.

•Remain up to date on CSP best practices and documentation and share findings with teams.

•Automate security tasks and improve efficiency with scripts in Python, Bash, Terraform or PowerShell.

•Work effectively in an Agile Scrum workflow, demonstrating strong project management hygiene.

•Provide advanced in-depth, top-level support for complex information security issues at all Allegiant locations.

•Work with application developers to identify security requirements and issues.

•Document components of the Allegiant information security systems.

•Remain apprised of CSP (Cloud Service Provider) best practices and documentation, maintaining appropriate certifications and sharing findings with teams during weekly meetings.

•Develop and implement AWS Lambda functions to automate incident response and remediation tasks.

•Configure AWS Event Bridge and AWS CloudWatch to monitor infrastructure and immediately alert the team when security events occur.

•Collaborate with the team to review and authorize Github pull requests, and identify and resolve issues with Github Actions and custom pipeline builds.

•Model Allegiant’s customer service standards in personal actions and when providing direction.

•Other duties as assigned.

Physical Requirements

The Physical Demands and Work Environment described here are a representative of those that must be met by a Team Member to successfully perform the essential functions of the role. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the role.

Office/IT - While performing the duties of this job, the Team Member is regularly required to stand, sit, talk, hear, see, reach, stoop, kneel, and use hands and fingers to operate a computer, key board, printer, and phone. May be required to lift, push, pull, or carry up to 50 lbs. May be required to work various shifts/days in a 24 hour situation. Regular attendance is a requirement of the role. Exposure to moderate noise (i.e. business office with computers, phones, printers, and foot traffic), temperature and light fluctuations. Ability to work in a confined area as well as the ability to sit at a computer terminal for an extended period of time. Some travel may be a requirement of the role.

Essential Services Provider

Allegiant as a national air carrier is deemed an essential service provider during declared national and state emergencies. Team Members will be required to report to their assigned trip or work location during national and state emergencies unless prohibited by local, state or federal order.

EEO Statement

We welcome all individuals from varied backgrounds and experiences to apply. Our company values the unique perspectives and talents that each person brings to our team.

Equal Opportunity Employer: Disability/Veteran

For more information, see https://allegiantair.jobs

Full Time Benefits:

Profit Sharing

Medical/Dental/Vision/Life/ Disability Insurance

Medical Travel Reimbursement

Legal, Identity and Pet Insurance

401K with an employer match

Employee Stock Purchase Plan

Employee Assistance Program

Tuition Reimbursement

Flight Benefits

Paid vacation, holidays, and sick time

Part Time Benefits:

Profit Sharing

Medical Travel Reimbursement

Legal, Identity and Pet Insurance

401K with an employer match

Employee Stock Purchase Plan

Employee Assistance Program

Tuition Reimbursement

Flight Benefits

Sick time