DevSecOps Engineer at Ombud
Ombud is developing an Intelligent Content Collaboration platform, a first in the industry that brings together Semi-Structured Content Management, Machine Automation and Collaborative Authoring Workflows. Our team is passionate about solving real-world collaboration challenges for practitioners at some of the most respected enterprises in the world. We are looking for a talented DevSecOps Engineer who has a passion for security and DevOps to help our engineering team scale our platform and "shift security left" in our SDLC.
What You’ll Do:
- As part of the DevOps team, design and extend tooling for provisioning, building, deploying, and operating secure and scalable AWS infrastructure and services.
- Work with an agile team of developers and provide guidelines and best practices to ensure we build security into our product from day one.
- Identify common software security anti-patterns and design appropriate solutions for our SDLC and CI/CD pipeline.
- Keep up to date on all new security challenges and be the security authority and thought leader within engineering and Ombud.
- Review, analyze, and be the point person for our security remediation analysis to ensure that priority issues are addressed by the team.
- Evaluate external penetration test results, identify and assess mitigation and remediation efforts within engineering.
- B.S. degree in Computer Science or a similar quantitative field
- 3+ years in software development and demonstrated experience in software security testing, methodologies and frameworks
- Authoritative understanding of common software and web application security vulnerabilities
- Expertise implementing static and dynamic analysis tools, open source scanning tools and integrating security into a CI/CD pipeline at scale
- Have hands-on experience with tools and technologies used throughout secure SDLC (e.g., Burp Suite, Checkmarx, Veracode, Rapid7)
- Expertise in application development frameworks, build systems and ability to integrate tools into the CI infrastructure
- Experience with continuous integration tools such as Circle CI and Jenkins
- Experience with AWS services (or other major public cloud provider), containerization tools (Docker, Kubernetes), and infrastructure-as-code tools (Terraform)
- Experience with observability tools for application monitoring and system diagnostics (prometheus, cloudwatch, ELK stack, Splunk, etc.)
Ombud Values IT WAR:
- Integrity: Total trust in the team; striving for what is good and right
- Thought Leadership: Mediocrity is not the fail-safe; aptitude and desire to continue learning
- Willingness: Prompt to act or respond; contribute outside of your job description
- Ambition: Self-Starter that doesn’t wait for things to happen, Focus and Drive to accomplish something great; relentless pursuit of opportunity
- Reliability: Perform consistently well; dependable
What Ombud Offers You:
- A culture that fosters career development and values working together as a team
- Employee Stock Option Plan (our employees are owners)
- Full Benefits, including: Healthcare, Dental, Vision, 401(k), Paid Leave, Sabbatical, RTD Eco-Pass
- Downtown Denver working environment
About Ombud: Ombud is building an Intelligent Content Collaboration platform that scales intelligence across global organizations by re-inventing how content is managed, collaboration is orchestrated, and machine learning is applied to streamline sales operations. The Ombud platform is changing how people organize, collaborate and execute their day-to-day workflow while improving their quality of life and organizational efficiency. Industry innovators such as Nutanix, Kronos, Palo Alto Networks, Zendesk, SendGrid, Ping Identity, Instructure, LogMeIn, HubSpot, Anaplan, and Cloudera use Ombud to create a competitive advantage, increase thought leadership, and grow their businesses.
Ombud is proud to be an equal opportunity employer. All employment decisions at Ombud are based on merit, competence, and business need. We do not discriminate on the basis of race, color, religion, age, sex, sexual orientation, ancestry, national origin, genetic information, disability, marital status, military service, or any other status protected under federal, state or local law. We are committed to building a diverse team and fostering an inclusive and entrepreneurial work environment.