Events  Classes  Deals  Spaces  Jobs 
    Sign in  
Compass // tech-enabled real estate platform & brokerage
Engineering, Full Time    Washington DC    Posted: Tuesday, June 18, 2019
Apply To Job

Senior DevSecOps Engineer

You are an application security expert who wants to get in on the ground floor of one of NYC's most exciting startups. You are passionate about security, & want to build a secure product that will revolutionize an entire industry.

You love to learn, & equally love to share your knowledge with others. Youre both a listener & contributor. You are a great communicator & you take care to understand before making yourself understood.

We are looking for an experienced security professional who is interested in working with a talented startup team in building secure, resilient, & high-performance website, mobile apps, & data services for the real estate industry. You will work with developers to make security & compliance available to be consumed as services. You will help architect secure web products, perform simulated attacks, identify weaknesses, & work with the engineers to remediate & protect our products. You will lead our effort to build security as code.

What We're Looking For:

  • 6+ years of hands-on experience performing security tests & manual pentests on web applications, mobile apps, & web services (APIs).
  • Deep understanding of application security vulnerabilities & remediation techniques.
  • Experience performing threat modeling, & designing secure web services, RESTful APIs, & microservice architectures.
  • Strong knowledge & hands on experience with AWS cloud infrastructure & native security services such as Inspector, GuardDuty, Web Application Firewall, Security Groups, & CloudTrail.
  • Proficiency in automating security as code into CI/CD pipeline.
  • Proficiency in scripting languages such as Bash & Python.
  • Knowledge of programming languages like Java, Python, & Golang.
  • Knowledge of Linux operating system, & containerization technology such as Docker & Kubernetes.
  • Experience & knowledge of tools to facilitate secure SDLC controls (SAST, DAST, IAST, RASP, etc.).
  • Bachelors degree in Computer Science or Engineering or commensurate experience.
  • Professional certification such as OSCP, OSWE, GWAPT, GWEB, GXPN preferred but not required.
  • Contribution to the security community (public research, blogging, presentations, etc.) preferred but not required.

Check out our Engineering blog!

Apply To Job
© 2019 GarysGuide      About    Feedback    Press    Terms
Sponsor Gary's (World Famous) Red Tie