Security Engineer, Product Security
Chainlink LabsSalary not specified
Full Time
Mid-level (3 to 4 years), Senior (5 to 8 years)
Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Technology, Data Analytics, AIIndustries
Requirements
- Bachelor's degree in Engineering, Computer Science, Management Information Systems, or a related study, or equivalent experience
- Minimum of 5+ years of professional experience in DevOps, security engineering, or a related field
- Strong understanding of security principles and best practices, including threat modeling, risk assessment, and vulnerability management
- Proficiency with DevOps tools and practices, including CI/CD pipelines, containerization (Docker, Kubernetes), and version control systems (Git)
- Solid understanding of cloud security concepts and experience with cloud platforms (AWS, Azure, Google Cloud)
- Strong scripting and automation skills using languages such as Python, Bash, or PowerShell
- Experience with security tools such as OWASP ZAP, Burp Suite, Nessus, Metasploit, or similar
- Experience in development with shell scripting such as Python, GoLang, etc
- Expertise in the Linux operating system
- Must be able to demonstrate innovation in problem-solving
- Clear communication with team members and product owners
- Ability to effectively communicate technical findings to both technical and non-technical stakeholders
- Must follow and support agile methodologies and practices by actively participating in all SCRUM ceremonies
- Must adhere to and develop best practices in software engineering
Responsibilities
- Integrate security into the CI/CD pipeline, automating security controls and embedding security throughout the development lifecycle
- Support, and maintain Application Security Testing (AST) tools (SAST, DAST, IAST, SCA) to identify code and dependency vulnerabilities
- Conduct security assessments, vulnerability analysis, and penetration testing to identify and mitigate security risks
- Develop and maintain secure infrastructure as code (IaC) scripts using tools like Pulumi, Terraform, or CloudFormation
- Implement and manage security tools and technologies such as SIEMs, IDS/IPS, firewalls, and endpoint protection
- Monitor and respond to security incidents, performing root cause analysis and implementing corrective measures
- Educate and train development and operations teams on secure coding practices and security tooling
- Stay up to date with the latest security threats, trends, and technologies, and proactively address potential risks
- Create and maintain documentation related to security policies, procedures, and standards
- Participate in security audits and compliance initiatives to ensure adherence to industry regulations and standards
- Provide thorough unit testing and automated testing to ensure a quality product is delivered
- Improve, enhance, and support existing operations
- Design, build, install, configure, and support production deployments
- Manage the work of teams implementing DevOps solutions in complex projects
Skills
Key technologies and capabilities for this role
Questions & Answers
Common questions about this position
What are the minimum qualifications for the Senior DevSecOps Engineer role?
Candidates need a Bachelor's degree in Engineering, Computer Science, Management Information Systems, or a related field (or equivalent experience), plus a minimum of 5+ years of professional experience in DevOps, security engineering, or a related field. A strong understanding of security principles and best practices, including threat modeling and risk assessment, is also required.
What key responsibilities will the Senior DevSecOps Engineer handle?
Responsibilities include integrating security into the CI/CD pipeline, supporting Application Security Testing (AST) tools like SAST, DAST, IAST, and SCA, conducting security assessments and penetration testing, developing secure IaC scripts with tools like Terraform or Pulumi, and mentoring teams on secure practices.
Is the Senior DevSecOps Engineer position remote or office-based?
This information is not specified in the job description.
What is the salary or compensation for this role?
This information is not specified in the job description.
What kind of collaboration and team involvement is expected in this role?
You will collaborate closely with development, operations, and security teams, mentor junior engineers to foster a culture of security, manage teams implementing DevOps solutions, and educate development and operations teams on secure coding practices.
Starburst
Data analytics and SQL engine distribution
About Starburst
Starburst specializes in data analytics by providing a distribution and support for the Trino SQL engine, which is designed for efficient and scalable analytics on data lakes and various data sources. Their products, Starburst Galaxy and Starburst Enterprise, allow clients to access and analyze data quickly, whether in the cloud or on-premises. Starburst connects seamlessly with popular data visualization tools like Tableau, Power BI, and Looker, making it easier for users to integrate and access their data. What sets Starburst apart from competitors is its enhancement of the open-source Trino engine with additional connectors, security features, and dedicated enterprise support. The company's goal is to help organizations achieve faster data insights and better decision-making through improved analytics capabilities.
Boston, MassachusettsHeadquarters
2017Year Founded
$402.7MTotal Funding
SERIES_DCompany Stage
Data & Analytics, Enterprise SoftwareIndustries
501-1,000Employees
Benefits
Competitive salary & attractive stock grants
Remote-friendly work options
Quality & affordable insurance
Flexible & generous paid time off
Environment of transparency, honesty & respect
Risks
Increased competition from companies like Dell could impact Starburst's market share.
The rapid growth of unique data vendors may lead to increased market complexity.
Enterprises moving towards single-cloud strategies could challenge Starburst's multi-cloud offerings.
Differentiation
Starburst offers both cloud-based and on-premises solutions, catering to diverse client needs.
The company enhances the open-source Trino engine with additional connectors and security features.
Starburst's platform integrates with popular data tools like Tableau, Power BI, and Looker.
Upsides
Starburst Galaxy achieved 3x year-over-year growth in active customers and usage volume.
The platform enables 10X faster data processing and 66% cost reduction for clients like Arity.
Starburst's Icehouse platform leverages open-source Trino and Apache Iceberg for scalability.
Related Jobs
RemoteRemoteSecurity Engineer, Cloud Security
Red Cell PartnersSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSenior Application Security Engineer
M&T BankSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSenior Backend Engineer, Secure Policy (US/Canada Eastern or European …
Docker€113,200 - €155,700/year
- Full Time
- Senior (5 to 8 years)
RemoteSales Engineer - Federal
SpyCloudSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteSecurity Engineer, Infrastructure Security
OpenAI$292,500 - $405,000/year
- Full Time
- Junior (1 to 2 years)
RemoteSenior Cloud Security Architect (R-00079)
True Zero TechnologiesSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)