About Company

Senior DevSecOps Engineer (Remote)

Location: LATAM, Europe, UK

Date Posted: Aug 09, 2024

Join ORCID as a Senior DevSecOps Engineer

ORCID is looking for a dedicated Senior DevSecOps Engineer to join our team. This full-time, remote position involves 40 hours per week, working alongside the Director of Technology and cross-functional teams in Operations and Product. Our goal is to ensure secure and robust ORCID product offerings.

Key Responsibilities

• Collaborate with senior staff, product, technology, and DevOps teams to architect secure solutions.
• Develop and maintain the product security strategy for ORCID’s product portfolio.
• Conduct security assessments across product infrastructure, databases, web applications, and internal/SaaS software solutions.
• Identify and mitigate security risks with the product and technology teams.
• Implement security best practices within the software development lifecycle (SDLC).
• Provide leadership and guidance on software and product security practices.
• Analyze vulnerabilities and collaborate with developers for remedial actions.
• Implement application security controls and ensure privacy requirements are met.
• Work with ORCID’s operations team on secure configurations of internal/SaaS tools.
• Deliver training to developers on software security best practices.
• Participate in on-call rotations for out-of-hours support and technical emergencies.

Requirements and Qualifications

Essential Skills:

• 4-6 years of experience as a DevSecOps engineer or similar role.
• Experience translating OWASP Top 10 into practical development imperatives.
• 2-3 years of experience in security engineering and DevOps best practices.
• Proficiency with cloud services like AWS, including native services and security features (3-4 years).
• 2-3 years of experience securing databases, access control, and encryption while maintaining performance.
• Experience with modern CI platforms like GitHub Actions (2-3 years).
• Familiarity with containerization technologies like Docker and Kubernetes (2-3 years).
• Knowledge of Terraform, network security architectures, and secure network design (2-3 years).
• Strong problem-solving skills and teamwork abilities.
• Self-starter with capacity to define problems, recommend solutions, and drive results.
• Excellent communication skills to explain technical concepts across varied audiences.
• Fluency in English; additional languages are a plus.
• Willingness to travel for business needs (less than 10%).

Preferred Skills

• Experience with enterprise security tools.
• Proficiency in securing and addressing security issues in programming languages like Python or Java (3-4 years).
• Experience as a practicing developer is an additional bonus.

Application Process

To Apply: Submit your CV and cover letter via . Highlight how your experience aligns with this role. ORCID encourages applicants who meet some but not all of the qualifications to apply.

Our Culture

ORCID is a global, fully remote organization since 2012, focusing on our collective brilliance. We promote a culture of learning with professional development plans, monthly learning sessions, and access to Udemy for Business. We offer flexibility and support for family-friendly scheduling.

We are committed to diversity, equity, and inclusion (DEI). Read more about our DEI initiatives and our inclusive culture and .

As an organization, we value trust and transparency. Review our to