About Brillio:
Brillio is the partner of choice for many Fortune 1000 companies seeking to turn disruption into a competitive advantage through innovative digital adoption. Backed by Bain Capital, Brillio is one of the fastest growing digital technology service providers. We help clients harness the transformative potential of the four superpowers of technology - cloud computing, internet of things (IoT), artificial intelligence (AI), and mobility. Born digital in 2014, we apply Customer Experience Solutions, Data Analytics and AI, Digital Infrastructure and Security, and Platform and Product Engineering expertise to help clients quickly innovate for growth, create digital products, build service platforms, and drive smarter, data-driven performance. With delivery locations across United States, Romania, Canada, Mexico, and India, our growing global workforce of over 6,000 Brillians blends the latest technology and design thinking with digital fluency to solve complex business problems and drive competitive differentiation for our clients. Brillio was awarded ‘Great Place to Work’ in 2021 and 2022
DevSecOps Engineer
Amazon API Gateway, Amazon CloudFront, AWS CodeBuild, AWS CodeDeploy, AWS CodePipeline, AWS Elastic Beanstalk, AWS Lambda, AWS Step Function, CloudFormation, Terraform
AWS DevOps Specialization: Senior Engineer
Role: DevSecOps Engineer
Years of Experience: 10+ years
Travel Required: No
Location: San Francisco, CA (Remote)
As a consultant within the Digital Infrastructure team, you will work with our clients to define their digital strategy and execution roadmap, and design and implement differentiated digital solutions to help deliver measurable value.
Your responsibilities in this role will include:
Secure Development Practices:
Collaborate with development teams to integrate security practices into the software development lifecycle (SDLC).
Promote secure coding practices and provide guidance on security requirements.
Perform code reviews and assist in identifying and remediating security vulnerabilities.
Define and enforce secure development standards, policies, and procedures.
Infrastructure Security:
Design and implement secure infrastructure configurations using Infrastructure as Code (IaC) tools like Terraform or CloudFormation.
Implement security controls and best practices for cloud environments, such as AWS, Azure, or Google Cloud Platform.
Configure and manage security groups, access controls, and network segmentation.
Implement and monitor intrusion detection and prevention systems (IDS/IPS).
Security Automation:
Automate security testing and vulnerability scanning processes using tools like SonarQube, OWASP ZAP, or Nessus.
Integrate security tools and scanners into the CI/CD pipeline for continuous security validation.
Implement security-focused test automation frameworks and tools.
Develop and maintain security-focused scripts, tools, and utilities.
Incident Response and Risk Management:
Develop and maintain an incident response plan and collaborate with teams to respond to security incidents.
Conduct security risk assessments and penetration testing to identify vulnerabilities and prioritize remediation efforts.
Track and monitor security incidents, analyze root causes, and implement preventive measures.
Collaborate with stakeholders to implement risk mitigation strategies and ensure compliance with security standards and regulations.
Security Monitoring and Compliance:
Implement and manage security monitoring and logging solutions (e.g., SIEM, log management systems).
Monitor system logs and security events to detect and respond to security incidents.
Ensure compliance with relevant security frameworks, regulations, and industry best practices (e.g., PCI DSS, GDPR, HIPAA).
Support internal and external audits and provide necessary documentation and evidence.
Security Awareness and Training:
Conduct security training and awareness programs for development teams and stakeholders.
Stay updated with the latest security threats, vulnerabilities, and industry trends.
Share security knowledge and best practices with the broader team.
Qualifications:
Bachelor's degree in Computer Science, Information Security, or a related field. Proven experience as a DevSecOps Engineer or a similar role.
Strong knowledge of software development practices and methodologies (e.g., Agile, DevOps).
Experience with infrastructure-as-code tools (e.g., Terraform, CloudFormation).
Proficiency in scripting languages (e.g., Python, Shell) for automation and tooling.
Knowledge of cloud platforms and services (AWS)
Relevant security certifications such as CISSP, Certified Ethical Hacker (CEH), or Certified DevOps Engineer (CDE) are a plus.
Strong analytical and problem-solving skills.
Why should you apply for this role?
Brillio partners with clients on all parts of their cloud journey right from decision-making to deployment, helping modernize and migrate existing infrastructure into secure, multi-cloud environments, seamlessly.
Know more about Digital infrastructure : https://www.brillio.com/services-digital-infrastructure/
Know what it’s like to work and grow at Brillio: https://www.brillio.com/join-us/
Equal Employment Opportunity Declaration
Brillio is an equal opportunity employer to all, regardless of age, ancestry, colour, disability (mental and physical), exercising the right to family care and medical leave, gender, gender expression, gender identity, genetic information, marital status, medical condition, military or veteran status, national origin, political affiliation, race, religious creed, sex (includes pregnancy, childbirth, breastfeeding, and related medical conditions), and sexual orientation.
Know what it’s like to work and grow at Brillio: Click here
Read Full Description