Lead DevSecOps Engineer
Costa Mesa, CA

Job Description

Experian Consumer Services - Careers That Define "The Next Big (Data) Thing" for Consumers

What could be more exciting - personally and professionally - than being part of a "disruptive" business? Consider taking your career to the next level by joining the Leader that continues to disrupt the competition. As the "disruptor" and market leader we pride ourselves on building new markets, leading the pack through continuous evolution and innovation. It's a position Experian Consumer Services has enjoyed for more than a decade and we're always looking for the talent that can help expand that lead.

When you're the leader, it's always urgent, important and market-changing. We think that defines the true "disruptive" business. Join us and create some chaos for the competition.

The Lead AWS DevSecOps Engineer is a hands-on technical position responsible for architecting, designing and implementing automation to:

* Continuously improve the security of our e-commerce products
* Comply with a range of security requirements (internal and external)
* Respond to audit requests and requirements
* Manage cloud security tools such as Alert Logic, Redlock, Deep Security, Twistlock and Veracode
* Drive security standardization such as usage of the Cloud Security Alliance framework and the Center for Internet Security
* Ensure tight security for an e-commerce platform, including data encryption, infrastructure security, environment scanning, etc.
* Partner with Experian Global Security office to ensure policies and standards are being properly applied

Based on a "developer self-service model", our cloud-computing "Platform as a Service" product automates:

* AWS resource provisioning and management (based on immutable compute resources)
* Build pipeline supporting Continuous Delivery, including support for canary and blue-green releases
* Container-based delivery (Docker)
* Micro-service support (service registry, service-to-service authentication)
* Event management and analysis via logging and event data pipelines
* Instrumentation, monitoring, notification, and alerting
* Data pipeline from transaction support (Dynamo) to BI (Redshift)

The current Platform has been implemented primarily as "infrastructure as code", so experience with Python, or equivalent deep experience with other scripting or infra-coding tools, is essential. The Platform is being managed as a true software product (story backlog, product roadmap, developer involvement in product direction), so Agile product-oriented development experience is also important.

Responsibilities:

* Collaborate with the leadership team, Information Security, DevOps and Engineering teams to identify Platform needs and issues with respect to information security and compliance.
* Work with Development and Operations teams to ensure proper key management and encryption are used according to security best practices and compliance requirements.
* Collaborate with key third party security partners to implement best practices and processes.
* Define security architecture in collaboration with Product Architects and the DevOps engineering teams.
* Author Agile stories, estimate story points, assist with sprint planning and retrospectives.
* Architect, design and build security processes for multiple different platforms addressing security and compliance needs.
* Perform advanced security technical troubleshooting for cloud and e-commerce environments.
* Lead incident response initiatives, architecting and building reliable automated incident response processes.
* Serve as technical point of contact for product/engineering teams as it relates to automation, CI/CD, and DevOps and/or DevSecOps.
* Build tools and automation scripts that enable developers and engineers to easily consume security as a service.
* Improve the accessibility of security through automation, continuous integration pipelines, and other means.
* Understand existing processes and identify how to streamline them in order to improve team efficiency and effectiveness and enhance the overall security posture.
* Bachelor's degree in Computer Science or other technical degree or equivalent experience preferred.
* Minimum of 10 years' experience in Information Security Engineering and/or Ops or DevOps roles, focused on supporting automated security solutions and architectures.
* Security certifications such as CISSP, CCSP, SANS GIAC* are a plus.
* Production experience with public cloud (AWS, Google or Azure - AWS strongly preferred).
* Fluency in Python or other programming or scripting language.
* Proficiency in software and systems design and architecture.
* Experience with a variety of open source technologies and tools in support of cross-team collaboration.

Qualifications Required:

* Strong knowledge of the DevSecOps tool chain on Linux/Windows/Docker platforms: Jenkins, Travis CI, Python/Ruby, Ansible, Puppet, Git, AWS CloudFormation, etc.
* Strong demonstrated hands-on experience implementing security architectures.
* Experience deploying automation solutions in a public cloud environment with a focus on AWS.
* Strong knowledge of PCI/HIPAA and other security-related standards and requirements.
* Experience supporting security audits.
* Operationally savvy, experience with monitoring, alerting, and analyzing system metrics to identify problems and understand system behavior specific to security concerns.
* Ability to work in a fast-paced e-commerce environment.
* Strong communication and collaboration skills.
* Strong problem-solving skills.
* A passion for innovation.
* Collaborate, drive open communication and reach across functional borders.
