Sr. DevSecOps Engineer

Company:  Insight Global
Location: Chicago
Closing Date: 03/11/2024
Hours: Full Time
Type: Permanent
Job Requirements / Description

Job DescriptionInsight Global is looking for a Senior Cloud Security Engineer for one of our large financial services clients. This individual will be part of a team responsible for cloud and data security posture management (CSPM & DSPM) and standardization across a multi-cloud environment - predominantly using Terraform. This person will be responsible for looking at CI/CD pipelines with respect to various security policies in order to deploy Policy as Code (PaC) and Infrastructure as Code (Iac) for our client's cloud environment. There are hundreds of policies that will be standardized/applied to the multi-cloud environment over the duration of this project. This person will leverage their broad knowledge of cloud security to advise as well as develop these policies. Additionally, this role requires individuals to be able to actively create and nurture partnerships with peer teams and identify opportunities for cross-team collaboration. Individuals in this role operate within a structured environment with some oversight but are eager to take initiative and tackle complex problems within one or more security engineering domains. The primary focus will be on preventative, detective and auto-remediating controls. Position can sit in DC, Denver, or Chicago.Other responsibilities include:- Identify and raise risks or potential vulnerabilities at all stages of the security- engineering process.- Contribute to existing test suites (integration, regression, and performance), analyze test reports, identify any test issues/errors, and triage the underlying cause.- Document and communicate required information for deployment, maintenance, support, and business functionality.- Identify gaps in information security standards adherence and work with appropriate partners to develop plans to close gaps.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to .To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: .Skills and Requirements- 5+ years of experience working within the field of cloud information/cybersecurity -- including broad knowledge of tools and techniques in this space (not limited to one technology/toolset). This is considered a senior level role.Development experience - specifically Terraform for the CI/CD pipeline. This role will require some "in the weeds" work. Recent architecture experience is acceptable as long as this individual understands the demands of this role include development.- Experience identifying, defining, documenting and implementing security system requirements for AWS and Azure utilizing Wiz or equivalent toolsets/technologies within the CSPM/DSPM space- Drive complex technical information security projects to ensure on-time delivery.- Ability to work closely with a diverse set of stakeholders with varying priorities to debate and negotiate paths forward. -- including direct management, engineering leads, PMs, information security peers, and other technology stakeholders- Experience with Policy as Code (PaC) and Infrastructure as Code (IaC)- Strong verbal and written communication skills- Strong attention to detail, confident enough to raise questions and identify issues. - Experience with Wiz, AWS OPA, SCP, SecurityHub, Config, EventBridge, SSM, Azure Policy, Microsoft Defender- CSPM, cloud/SaaS security management is helpful- Financial institution experience nullWe are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to

Apply Now
An error has occurred. This application may no longer respond until reloaded. Reload 🗙