Staff Engineer – DevSecOps

Position Overview

Extreme Networks is a global leader in end-to-end, cloud-driven networking solutions, trusted by over 50,000 customers worldwide. We are experiencing double-digit growth year over year and are committed to fostering an inclusive workplace where all employees thrive. We are seeking a highly experienced Staff Engineer – DevSecOps to lead and support our enterprise security, compliance, and risk management initiatives. This individual will play a key role in designing, implementing, and maintaining controls aligned with global compliance frameworks including ISO 27001, SOC 2, and NIST 800-53. The ideal candidate has a deep understanding of security engineering principles, a strong compliance mindset, and a proven track record in driving cross-functional security programs.

Employment Type

Fulltime

Location Type

Not Specified

Salary

Not Specified

Key Responsibilities

• Follow established processes for the implementation and maintenance of security controls aligned with ISO 27001, SOC 2, and NIST 800-53.
• Collaborate with security leadership to ensure adherence to ISO 27001, SOC 2 and NIST 800-53 controls and procedures.
• Collaborate with internal and external auditors to support audits, evidence gathering, and remediation efforts.
• Develop and maintain automated security and compliance monitoring tools and dashboards.
• Translate regulatory requirements into technical requirements and integrate them into the SDLC (Secure Development Lifecycle).
• Execute tasks related to the implementation and upkeep of compliance controls under ISO 27001, SOC 2, and NIST 800-53 guidance.
• Conduct gap assessments and risk analysis; define and track remediation efforts to ensure compliance readiness.
• Demonstrate strong hands-on experience and understanding of Kubernetes security, including RBAC, pod security policies, network policies, and secrets management.

Required Qualifications

• 5+ years of experience in information security or compliance engineering roles.
• Practical experience with DevOps security practices, including integrating security controls into CI/CD pipelines (GitLab CI, Jenkins, GitHub Actions, etc.).
• Strong understanding and hands-on experience with ISO 27001, SOC 2 (Type I and II), and NIST SP 800-53.
• Experience working in cloud-native environments (AWS, Azure, or GCP) with secure configuration and governance controls.
• Familiarity with cloud-native security (AWS, GCP, or Azure), container orchestration, and infrastructure-as-code tools like Terraform, Helm, or Ansible.
• Solid knowledge of access management, encryption, logging/monitoring, and network security principles.
• Demonstrated ability to lead technical initiatives, work cross-functionally, and influence at all levels.
• Excellent written and verbal communication skills.

Company Information

Over 50,000 customers globally trust our end-to-end, cloud-driven networking solutions. They rely on our top-rated services and support to accelerate their digital transformation efforts and deliver unprecedented progress. With double-digit growth year over year, no provider is better positioned to deliver scalable outcomes than Extreme. Inclusion is one of our core values and in our DNA. We are committed to fostering an inclusive workplace that embraces our differences and creates an atmosphere where all our employees thrive because of their differences, not in spite of them. Become part of Something big with Extreme! As a global networking leader, learn why there’s no better time to join the Extreme team.