monday.com is seeking a skilled DevSecOps Engineer to join our growing team. This role requires a keen understanding of security practices integrated within the software development lifecycle. The ideal candidate will play a crucial role in securing our CI/CD pipelines, working with Web Application Firewalls (WAFs), and managing our Cloud Security Posture.
A person in this role will be a part of the team serving a key entity in communication and synchronization between the several groups of stakeholders (Infrastructure, Development, Security), fostering a culture of security awareness and collaboration across all the teams.
About The Role:
Securing CI/CD Pipelines:
- Implement and manage security controls for CI/CD pipelines.
- Automate security testing and vulnerability management within the CI/CD process using tools like Terraform.
- Collaborate with development teams to integrate security best practices and policies.
Working with WAFs:
- Configure and manage Web Application Firewalls (WAFs) such as Cloudflare to protect web applications from security threats.
- Monitor and update WAF rules to respond to new vulnerabilities and attack vectors.
- Conduct regular security assessments and audits of WAF configurations.
Cloud Security Posture Management:
- Develop and implement cloud security best practices and policies.
- Continuously monitor cloud environments using tools like AWS Guard Duty, Wiz, Orca, WAF, Cloudflare and similar to ensure compliance with security standards.
- Collaborate with cloud operations teams to identify and remediate security risks.
- Managing security cloud configuration with tools like Terraform and CDK
Implementing Security Self Service approach:
- Development security tools in the organization IDP
- Testing/performing PoC of new security tools to increase efficiency development practices in the security context and foster Secure by Design principle.
Social Title:
DevSecOps Engineer
Social Description:
monday.com is seeking a skilled DevSecOps Engineer to join our growing team. This role requires a keen understanding of security practices integrated within the software development lifecycle. The ideal candidate will play a crucial role in securing our CI/CD pipelines, working with Web Application Firewalls (WAFs), and managing our Cloud Security Posture.
If you are passionate about security and have the skills and experience to make an impact, we encourage you to apply!
Requirements
- 3+ years of experience in DevOps/DevSecOps or related roles.
- Passion for keeping systems secure
- Proficiency in any of languages Python/Go/Typescript
- Expertise implementing Shift Left/Secure by Design inside CI/CD pipelines using tools such SonarQube, Dependabot alert, Wiz and others.
- Experience with configuring and managing Web Application Firewalls (WAFs) such as AWS WAF, Cloudflare, or similar.
- Excellent problem-solving and communication skills.
Top Skills
What the Team is Saying
What We Do
monday.com is a work operating system that transforms the way teams work together. We’ve created a solution that connects people to workplace processes promoting a culture of transparency & empowerment. We're obsessed with building an excellent product. Our goal is to create a work operating system that people will love to use—one that’s fast, beautiful & responsive.
Why Work With Us
At monday.com we believe in transparency, accountability, and impact. Together, those values have lent themselves to create a strong culture of professional and creative autonomy where every team member is encouraged to share ideas and help bring them to life!
Gallery
monday.com Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
monday.com embraces a flexible work environment with our hybrid model!
