Zoom is seeking a hands-on DevSecOps Engineer, to join our enterprise security team. As a hands-on engineer you will partner with our DevOps (Ops) team to work on security best practices and remediation. You will develop a collaborative relationship with our Ops peers to ensure that CIS benchmarks and hardening best practices are implemented throughout our colocated datacenters, cloud and IT environments.

You will be working with the Ops teams on security remediation projects from various assessments, reviews, and best practices. You are a security domain expert and have worked in multiple cloud environments as well as data centers. This is a hands-on role also responsible for implementation of security tools and resolving vulnerabilities everywhere in the stack.

Responsibilities:

• Partner with Ops to implement consistent DevSecOps best practices including CIS benchmarks

• Assist with security remediation for found vulnerabilities within SLAs

• Provide security guidance and policies on maintaining a proactive security posture

• Participate in new project reviews and architecture security reviews 

• Identify opportunities for automation, partner with engineering and security teams on implementing automation

• Develop and support development of security testing and validation tooling.

• Improve secure coding practices, application security requirements, automation, training, and metrics

• Assist with regular security responsibilities such as quarterly access reviews, vulnerability scanning, and security testing

• Follow up with Ops teams with security requests and issues, provide status to management, and resolve issues

Requirements:

• At least 3 years of experience in a DevOps environment

• Prior experience as a DevSecOps engineer required

• Significant cloud ops experience preferably with AWS, Azure and Oracle

• Hands-on knowledge of information security technologies such as security design review, threat modeling, OWASP Top 10, risk analysis, and software testing techniques

• Familiarity with microservice architecture, Docker, Kubernetes, AWS

• Understanding of secure cloud networking such as VPC peering, flow logs, ACLs, and Guard Duty logs

• Hands-on experience securing cloud data stores in S3 and databases, RDS, MySQL, Redshift, DynamoDB

• Experience with ELK stack, Splunk, ServiceNow, Okta, and JIRA

Preferred Qualifications: 

• Cloud certifications such as AWS, GCP, Azure, CCSK

• Bachelor’s or Master’s degree in Computer Science, Information Systems, Information Assurance, or related field

• Experience working in video communications, technology, or financial services industry.

Ensuring a diverse and inclusive workplace where we learn from each other is core to Zoom’s values. We welcome people of different backgrounds, experiences, abilities and perspectives including qualified applicants with arrest and conviction records as well as any qualified applicants requiring reasonable accommodations in accordance with the law.

We believe that the unique contributions of all Zoomies is the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status.

All your information will be kept confidential according to EEO guidelines.

Explore Zoom:

• Hear from our leadership team

• Browse Awards and Employee Reviews on Comparably

• Visit our Blog

• Zoom with us!

• Find us on social at the links below and on Instagram