DevSecOps Engineer

HiBob is looking for an experienced DevSecOps Engineer to join our team. As a DevSecOps Engineer you will have the opportunity to lead the protection, guidance, designing, automation and support of HiBob’s cloud infrastructure security. You will also contribute to other security domains and initiatives such as Incident Response, Security Monitoring and Risk Management. You will work with our DevOps group to protect HiBob’s backend and our data processing pipeline. 

Responsibilities

• Identify security tools and lead the implementation of solutions from POC to Production (e.g. Pipeline integrity, API Threat Protection, Container Security, Cloud security etc.). Lead and maintain existing security tools and systems.
• Responsible for the security of the DevOps, Cloud and Monitoring environments - Guide and design secure infrastructure, promote the implementation of tools and services to improve delivery and availability of security on the HiBob platform.
• Lead HiBob’s cloud compliance by ensuring proper audit trails and logging of notable security events.
• Work closely with Product & Data Security, Engineering and the DevOps teams to define security strategy and execute it.
• Be part of product architectural and infrastructure design - Design and leverage the backend infrastructure and its security aspects.
• Work alongside Architects, Developers, IT, System, Security Owners and other tech leads in the company to design and support best of breed integrations with 3rd party partners, vendors and clients.
• Ensure the implementation of Security and Privacy By Design concepts across platforms.
• Lead and promote security audits, network scans and vulnerability assessments against HiBob’s infra.
• Train, educate the HiBob Technology team.
• Respond to security incidents and investigations.

• At least 3 years of experience with designing and securing cloud native architectures (AWS and GCP), applying best practices and building secure and resilient architecture.
• Proven working experience of CI/CD and supply chain pipelines.
• At least 3 years of experience with containerized environments and microservices, and in particular with container security and secrets management (Docker/Kubernetes).
• Experience with istio - BIG advantage.
• Experience with Kubernetes security - BIG advantage.
• 3+ years of hands-on experience with promoting automations in a large scale cloud environment using languages like Shell/Bash, Python/Terraform. Experience in writing Lambda functions is an advantage.
• Proven knowledge of core security networking concepts like gRPC,TLS, mTLS, SSH, DNS, Firewalls etc.
• Knowledge of microservice architecture, web technologies and APIs.
• General understanding of regulatory compliance and how it relates to security and privacy.
• Good presentation skills: Ability to articulate technically advanced issues to all audiences; Ability to mentor and train internal staff.
• Solid knowledge of information security principles and practices.
• “A” player and a team player.
• Strong organizational skills and excellent attention to details.
• Ability to effectively prioritize and execute tasks.
• Self-driven.
• Excellent English.