[Hiring] Senior DevSecOps Engineer @ORCID

Job expired!

Senior DevSecOps Engineer (Remote)

Location: LATAM, Europe, UK

Date Posted: Aug 09, 2024

Join ORCID as a Senior DevSecOps Engineer

ORCID is looking for a dedicated Senior DevSecOps Engineer to join our team. This full-time, remote position involves 40 hours per week, working alongside the Director of Technology and cross-functional teams in Operations and Product. Our goal is to ensure secure and robust ORCID product offerings.

Key Responsibilities

  • Collaborate with senior staff, product, technology, and DevOps teams to architect secure solutions.
  • Develop and maintain the product security strategy for ORCID’s product portfolio.
  • Conduct security assessments across product infrastructure, databases, web applications, and internal/SaaS software solutions.
  • Identify and mitigate security risks with the product and technology teams.
  • Implement security best practices within the software development lifecycle (SDLC).
  • Provide leadership and guidance on software and product security practices.
  • Analyze vulnerabilities and collaborate with developers for remedial actions.
  • Implement application security controls and ensure privacy requirements are met.
  • Work with ORCID’s operations team on secure configurations of internal/SaaS tools.
  • Deliver training to developers on software security best practices.
  • Participate in on-call rotations for out-of-hours support and technical emergencies.

Requirements and Qualifications

Essential Skills:

  • 4-6 years of experience as a DevSecOps engineer or similar role.
  • Experience translating OWASP Top 10 into practical development imperatives.
  • 2-3 years of experience in security engineering and DevOps best practices.
  • Proficiency with cloud services like AWS, including native services and security features (3-4 years).
  • 2-3 years of experience securing databases, access control, and encryption while maintaining performance.
  • Experience with modern CI platforms like GitHub Actions (2-3 years).
  • Familiarity with containerization technologies like Docker and Kubernetes (2-3 years).
  • Knowledge of Terraform, network security architectures, and secure network design (2-3 years).
  • Strong problem-solving skills and teamwork abilities.
  • Self-starter with capacity to define problems, recommend solutions, and drive results.
  • Excellent communication skills to explain technical concepts across varied audiences.
  • Fluency in English; additional languages are a plus.
  • Willingness to travel for business needs (less than 10%).

Preferred Skills

  • Experience with enterprise security tools.
  • Proficiency in securing and addressing security issues in programming languages like Python or Java (3-4 years).
  • Experience as a practicing developer is an additional bonus.

Application Process

To Apply: Submit your CV and cover letter via . Highlight how your experience aligns with this role. ORCID encourages applicants who meet some but not all of the qualifications to apply.

Our Culture

ORCID is a global, fully remote organization since 2012, focusing on our collective brilliance. We promote a culture of learning with professional development plans, monthly learning sessions, and access to Udemy for Business. We offer flexibility and support for family-friendly scheduling.

We are committed to diversity, equity, and inclusion (DEI). Read more about our DEI initiatives and our inclusive culture and .

As an organization, we value trust and transparency. Review our to