DevSecOps Engineer
OddballFull Time
Senior (5 to 8 years)
The ideal candidate will have 7+ years of experience in DevOps, Security Engineering, or similar technical roles, with strong hands-on experience across major cloud platforms (AWS, GCP, Azure). Deep understanding of network security concepts, including Layer 3/Layer 4 firewalls, intrusion detection/prevention systems (IDS/IPS), and container security with Kubernetes is required. Expertise in infrastructure as code (Terraform, CloudFormation), proficiency in at least one scripting/programming language (Python, Bash, Java, C#, etc.), experience with PCI-DSS compliance, API security implementation, SSL/TLS troubleshooting, and certificate management are essential. Experience supporting systems requiring 99.99% uptime and the ability to implement open-source security tools are also necessary. CKA/CKAD/CKS certifications are preferred.
The Staff DevSecOps Engineer will architect and secure highly available, scalable, and fault-tolerant systems across AWS, GCP, and Azure environments, designing and implementing robust Layer 3/Layer 4 firewall solutions and network security controls. Responsibilities include implementing and managing intrusion detection and prevention systems, designing and deploying container security strategies for Docker and Kubernetes, and managing cloud security services like WAF, service mesh, and threat modeling to ensure 99.99% uptime. The role involves leveraging automation technologies (Ansible, Chef, Puppet, Jenkins) for infrastructure management and deployment pipelines, developing and deploying infrastructure-as-code solutions using Terraform, CloudFormation, and cloud-specific CLIs, and building secure CI/CD pipelines with integrated security testing. Additionally, the engineer will identify and implement open-source security tools, ensure compliance with PCI-DSS requirements and prepare systems for audits, participate in security assessments, document security controls, and create security documentation and training materials. Responsibilities also include implementing API security best practices, troubleshooting SSL/TLS issues, performing security assessments of applications and APIs, developing secure coding guidelines, leading incident response activities, configuring and maintaining security monitoring solutions, developing automated security responses, and conducting post-incident analysis.
Real-time supply chain visibility platform
FourKites provides a platform for supply chain management that focuses on real-time visibility and predictive analytics. The platform collects data from millions of shipments worldwide and uses AI technology to analyze this data, offering businesses insights to improve their supply chain operations. This helps companies manage risks, enhance responsiveness, and optimize their processes. FourKites connects all parts of a supply chain through its applications, ensuring that teams have access to the same information. A unique feature of their platform is Fin AI, which uses natural language processing to help businesses find optimization opportunities and automate tasks. Unlike its competitors, FourKites stands out by combining a vast real-time supply chain network with specialized applications and patented AI technology. The goal of FourKites is to help large brands manage their supply chains more effectively and efficiently.