***DevSecOps Engineer*** ***100% Remote*** ***Must have experience in a bank or in another highly regulated industry*** About the Role: The Senior IT Security Engineer leads efforts to integrate security practices seamlessly into our DevOps and Platform Engineering processes. As a key member of the enterprise risk management team, the Senior IT Security Engineer leads secure platform engineering efforts, focused on the secure development, and operations of our banking and cloud-based environments. Responsibilities: Develop and execute a comprehensive IT Security review strategy that integrates ongoing security practices, controls and reporting into our bank, Banking as a Service (BaaS), and DevOps processes and workflows. Lead the secure architecture and secure design and development of robust AWS cloud infrastructure to support scalable and secure applications. Create and maintain the security processes including, code security reviews, secure application development, data security, and secure API integrations. Perform ongoing, day to day monitoring, logging, and disposition of security alerts to ensure timely response to security vulnerabilities and threats. Implement security best practices for cloud infrastructure on platforms such as AWS, Azure, or Cloudflare, including identity and access management, network security, and data encryption. Implement security best practices bank-wide including BaaS frameworks, transaction movements and data sharing. Implement monitoring and logging solutions to detect security threats and anomalies in real-time and develop incident response procedures to address security incidents promptly. Ensure compliance with federal and state banking security regulations and security industry standards including but not limited to FFIEC, NIST, GDPR, HIPAA, PCI-DSS, OWASP and SOC 2, and lead efforts to obtain and maintain relevant certifications. Serve as SME on secure by design principals, working with key business partners including a team of Security engineers, providing guidance, support, and technical expertise to drive security initiatives and foster a culture of security excellence. Enrich application architecture with security standards, best practices and define baseline configuration. Partner with teams to define key performance indicators (KPIs), key risk indicators (KRIs) and distribute useful security related metrics to key stakeholders. Maintain comprehensive documentation of security controls, policies, procedures, and incidents to ensure compliance and facilitate knowledge sharing. Collaborate with cross-functional teams, including development, operations, security, and business units, to ensure seamless integration and alignment of DevSecOps practices with business goals. Carries out responsibilities in a manner consistent with our values and operating principles, in accordance with policy and applicable laws, and with a commitment to commitment to continuous improvement and process excellence. Qualifications: Bachelor's degree in computer science, Engineering, or related field Deep expertise building, securing, monitoring, and scaling workloads in AWS. Deep understanding of security principles, best practices, and compliance standards. Demonstrated ability to implement and enforce security policies and practices throughout the DevOps lifecycle. Hands-on experience with security tools and frameworks such as static code analysis, vulnerability scanning, and security testing. Expertise in Cloud Security tooling including EDR, SIEM, IDS toolset including vendor selection and management Proficiency with Terraform and Infrastructure as Code including creating and maintaining modules. Experience with CI/CD tooling and creating pipelines to support the security lifecycle. Knowledge of containerization technologies such as Docker and container orchestration platforms like Kubernetes, with a focus on container security. Strong understanding of networking, encryption, access controls, and authentication mechanisms. Solid understanding of networking concepts, security best practices, and compliance standards. Strong scripting experience in Python, PowerShell, Bash, or other scripting language Experience with security principles relating to, IAM, DLP, SDLC, IT asset management, secure architecture and Incident Response. Experience with Agile methodologies and leading Agile teams. Ability to analyse information and make logical recommendations. Familiarity with OWASP top 10 framework and other security frameworks is a plus Experience working with Cloudflare is a plus Experience working with Ansible or other configuration as code tools. Relevant security certifications (e.g., CISSP, CEH, AWS Certified Security Specialty) are a plus. The ideal candidate will possess a deep understanding of banking applications, core provider integrations, AWS cloud services, DevOps, expertise in security practices, and a passion for driving a culture of security-first mindset.
