Senior Dev/Sec Ops Engineer

Tech Stack
  • AWS
  • DevOps
  • CI/CD
  • SecOps
  • MySQL
  • Automated Testing
  • Git
  • Git Flow
  • Ruby on Rails
  • Python
Company Name

PTO Genius

job Summary

About PTO Genius

PTO Genius is an HR software platform that helps companies increase productivity, improve employee happiness and lower expenses associated with employees not taking time off.

PTO Genius proactively surfaces good times for employees to take vacation and makes it easy to convert extra paid time off (PTO) to fund vacations, pay down student loans, contribute to retirement, or cover emergency expenses.

Responsibilities:

- Architect, develop, deploy, provision, enhance, optimize and actively manage CI/CD operations across multiple highly available and fault-tolerant cloud-based systems
- Work cross-collaboratively on idea creation and development of the CI/CD pipeline
- Own the ongoing lifecycle maintenance of the CI/CD pipeline
- Support the development of code and integration of complex software components into a fully functional cloud-based systems
- Support development of software integration/verification plans, test procedures, test environments, and development environments executing the test procedures and documenting test results to ensure system requirements are met
- Support development, selection, tailoring and deployment of processes, tools and metrics
- Identify and deploy open-source and proprietary tools and technologies to build and support high availability systems with an emphasis on continuous integration and continuous deployment
- Proactively apply IaaS and IaC concepts
- Quickly respond and remedy production and service escalations
- Proactively establish systems and automated processes to minimize production and service escalations
- Actively build, deploy and manage scenario simulations to prepare team for potential critical failures and security compromises
- Lead incident and root-cause analysis with calm and an eye towards continuous service improvement
- Provide expertise in tools used for software development: CI/CD pipelines, automated version control systems, software artifacts management tools, etc
- Plan and coordinate systems upgrades, cutovers and infrastructure migrations
- integration and test environments
- Help integrate, manage and optimize data storage solutions
- Actively assist in monitoring the health and security of the application
- Create and maintain security infrastructure that follows industry best practices including a high level of availability and ease of user access
- Evaluate and develop systems to enhance security posture while reducing overall digital security risk
- Own perimeter and internal security systems including, but not limited to, multi vendor firewall administration, device posturing, secure authentication and authorization servers, intrusion prevention systems, web application firewalls, network packet analysis, vulnerability assessments, network asset-management, network forensics, incident response, machine generated log analysis, log retention, and network anomaly detection and alerting
- Oversight, planning and execution of any required vulnerability audits, penetration tests or forensic IT audits or related investigations
- Compliance with any government’s standards and related legislation, such as the Data Protection Act and ISO standards
- Budget forecasting, financial forecasts relating to IT, Data and Information security
- Help identify bottlenecks and bugs, and devise solutions to these problems
- Help ideate, architect, build and deploy automated tests to minimize bugs and continuously optimize code quality
- Help maintain and continuously enhance the security and integrity of the application
- Promote cooperation and commitment within a team to achieve common goals
- Proactively search for ways to improve the application based on company goals
- Come up with great new ideas, and work with engineering team to integrate them
- Work with stakeholders and team members to ensure commitments are met
- Contribute to the maintenance of technical documentation
- Stay abreast of developments in web and mobile infrastructure and security

Requirements:

- 6+ years of experience with automation and CI/CD techniques and design patterns in real world environments
- 6+ years of experience programming with scripting languages
- 6+ years of experience in identifying security issues and risks, and developing mitigation plans
- 6+ years of experience in three or more of the following areas: cryptography, application security, authentication, web and network protocols, data structures and algorithms, software development, threat modelling, pen tests, or vulnerability assessments
- Expertise building scalable, secure, stable and optimized mission-critical technical infrastructure in AWS
- Expertise in leveraging automation, DevOps and SecOps principles, experience with operational tools, and able to apply best practices for infrastructure and software deployment and security
- Deep understanding of the Linux operating system and networking concepts
- Strong experience working with container-orchestration systems
- Strong experience working in an agile software development lifecycle with rapid releases
- Strong experience with SaaS architectures (Single and Multi-tenant) and cloud based development
- Strong experience identifying and mitigating different security threats
- Strong experience assessing, remediating and hardening against risk and vulnerabilities
- Experience in Security Event Correlation SIEM
- Experience with Network Security, Stateful Inspection Firewall, NGFW, Firewall policies, NAT, IPS, Botnet, DDoS, Web Filtering, Reverse proxies, Certificate management (PKI), MFA
- Experience with cutting edge “infrastructure as code” tools: Terraform, Vagrant, etc
- Experience configuring, tuning, and performing in-depth analysis in Security and Security related tools
- Experience with implementation of policies and procedures for compliance and audits
- Experience in a Security Information and Event Management System (SIEM)
- Experience with SOC 2 & ISO 27001 compliance
- Working knowledge of enterprise data center technologies including storage platforms, network switching, and security infrastructure within a virtualized data center
- Passionate about writing quality code, following best practices, solving complex technical challenges, and constantly honing their skills
- Strong attention to detail
- Excellent organizational and teamwork skills
- Excellent communication skills, both written and spoken
- Ability to rapidly learn diverse technologies and apply them

Skills:

- Very strong Amazon Web Services (AWS) experience
- Very strong DevOps and CI/CD tools experience
- Very strong SecOps tools experience
- Very strong MySQL experience
- Very strong automated testing experience
- Very strong Git and Git flow experience
- Strong scripting language experience (Python, Pearl, Ruby etc)
- GraphQL nice to have, but not required
- Vue.js nice to have, but not required
- Storybook experience preferred, but not required
- API development and integration experience great to have, but not required
- Travel tech experience nice to have, but not required
- HR tech experience great to have, but not required
- Graphing and Charting experience great to have, but not required
- Machine Learning and algorithms experience great to have, but not required
- Mobile app developer (iOS and Android) experience great to have, but not required

Nice to have:

- Willing to mentor younger engineers in order to improve the overall security of the system and product
- CISSP or GIAC Certifications
- Experience with HIPAA compliance
- Strong spanish speaker

Expectations:

- Be a good person and speak honestly
- Own your mistakes
- Take pride in your work
- Be true to your word
- Be proactive
- Under promise and over deliver
- Actively explore extending your skills and knowledge
- Passion for solving challenging issues
- Look for ways to help other
- Engage and collaborate with peers
- Communicate often and clearly with team members

What we value:

- Honesty
- People
- Vulnerability
- Empathy
- Creativity
- Humor
- Hard Work

Preferred Qualifications
  • GraphQL
  • Vue.js

apply

CONTRACT TERMS

This is a full-time job opportunity, where you’d be working on projects lasting 12 months on average.  At the end of the period, you will be able to continue being a Pro Consultant by getting assigned to another exciting project. The continuity of your permanent employment with all social and additional benefits included is guaranteed by Motion Software.

WHY MOTION SOFTWARE?

SEE THE BENEFITS

Motion Software uses cookies to improve site functionality, provide you with a better browsing experience, and to enable our partners to advertise to you. Detailed information on the use of cookies on this Site, and how you can decline them, is provided in our Cookie Policy Learn more about cookies, Opens in new tab. By using this Site or clicking on OK, you consent to the use of cookies.

OK