Senior DevSecOps Engineer (Remote)
Location: LATAM, Europe, UK
Date Posted: Aug 09, 2024
Join ORCID as a Senior DevSecOps Engineer
ORCID is looking for a dedicated Senior DevSecOps Engineer to join our team. This full-time, remote position involves 40 hours per week, working alongside the Director of Technology and cross-functional teams in Operations and Product. Our goal is to ensure secure and robust ORCID product offerings.
Key Responsibilities
- Collaborate with senior staff, product, technology, and DevOps teams to architect secure solutions.
- Develop and maintain the product security strategy for ORCID’s product portfolio.
- Conduct security assessments across product infrastructure, databases, web applications, and internal/SaaS software solutions.
- Identify and mitigate security risks with the product and technology teams.
- Implement security best practices within the software development lifecycle (SDLC).
- Provide leadership and guidance on software and product security practices.
- Analyze vulnerabilities and collaborate with developers for remedial actions.
- Implement application security controls and ensure privacy requirements are met.
- Work with ORCID’s operations team on secure configurations of internal/SaaS tools.
- Deliver training to developers on software security best practices.
- Participate in on-call rotations for out-of-hours support and technical emergencies.
Requirements and Qualifications
Essential Skills:
- 4-6 years of experience as a DevSecOps engineer or similar role.
- Experience translating OWASP Top 10 into practical development imperatives.
- 2-3 years of experience in security engineering and DevOps best practices.
- Proficiency with cloud services like AWS, including native services and security features (3-4 years).
- 2-3 years of experience securing databases, access control, and encryption while maintaining performance.
- Experience with modern CI platforms like GitHub Actions (2-3 years).
- Familiarity with containerization technologies like Docker and Kubernetes (2-3 years).
- Knowledge of Terraform, network security architectures, and secure network design (2-3 years).
- Strong problem-solving skills and teamwork abilities.
- Self-starter with capacity to define problems, recommend solutions, and drive results.
- Excellent communication skills to explain technical concepts across varied audiences.
- Fluency in English; additional languages are a plus.
- Willingness to travel for business needs (less than 10%).
Preferred Skills
- Experience with enterprise security tools.
- Proficiency in securing and addressing security issues in programming languages like Python or Java (3-4 years).
- Experience as a practicing developer is an additional bonus.
Application Process
To Apply: Submit your CV and cover letter via . Highlight how your experience aligns with this role. ORCID encourages applicants who meet some but not all of the qualifications to apply.
Our Culture
ORCID is a global, fully remote organization since 2012, focusing on our collective brilliance. We promote a culture of learning with professional development plans, monthly learning sessions, and access to Udemy for Business. We offer flexibility and support for family-friendly scheduling.
We are committed to diversity, equity, and inclusion (DEI). Read more about our DEI initiatives and our inclusive culture and .
As an organization, we value trust and transparency. Review our to