DeveloperSecOps Engineer II

Summary

Join our Information Security team as a DevSecOps Engineer II and contribute to developing and maintaining Infrastructure as Code (IaC) pipelines on AWS and Azure. Collaborate with development and security teams to ensure infrastructure meets the highest security and compliance standards. This remote position requires hands-on experience with security engineering in DevSecOps workflows, including maintaining security controls in the software development lifecycle and collaborating with developers to build security into the code. Proficiency in maintaining Terraform IaC and scripting in Python, Bash, or PowerShell is essential. The ideal candidate possesses excellent problem-solving skills, attention to detail, and effective communication skills, thriving in a fast-paced environment. Visa sponsorship is not available.

Requirements

• Must be authorized to work in the US as defined by the Immigration Act of 1986
• Must pass a Criminal Background Check
• Bachelor’s Degree. Degree in relevant field
• Technical certifications or equivalents
• Minimum five (5) years of supporting / implementing network security platforms & strategies
• Minimum three (3) years of experience in information security
• Thorough understanding of information security—call it a security ethos—capable of being shared as best practices that provide guidance to other organizations within Allegiant as well as provide skills uplift to the information security engineering team
• Capable of ensuring the uptime and reliability of Allegiant's information security systems. Problem resolution skills are critical to this role as they must be able to swiftly pinpoint and remediate security tool concerns
• Well-versed in one or more cloud service providers, capable of providing leadership and guidance to the security engineering team
• Ability and willingness to partner to cross functional teams and, as such, should be succinct and articulate across all communication mediums, whether voice, chat, email, or via documentation
• Possess deep cybersecurity knowledge and the ability to integrate security practices into the development process and collaborate with development teams to ensure secure coding practices. This will mean performing regular code reviews, meeting with development teams, and performing vulnerability management within the infrastructure—which, by extension, means that competence with various DevOps toolkits will need to be maintained
• Hands-on experience with security engineering tasks in DevSecOps workflows
• Strong knowledge of, and long working experience with, Terraform Infrastructure as Code
• Capable of utilizing and maintaining popular code linting tools such as Bandit, JShint, ShellCheck, ESLint, Pylint, Checkov (IAC) and Rubocop to enforce coding standards and improve code quality
• Skilled in the creation and maintenance of scripts in Python, Bash or Powershell to automate security tasks and improve efficiency
• Strong knowledge of public cloud security and private cloud security constructs, and the effective deployment of cloud security tools such as network security groups, NGFW, IAM
• Skilled communicator with experience coaching junior engineers and providing succinct documentation
• Familiarity and experiences with Amazon routing and load balancing technologies including ALB (Application Load Balancers), NLB, and Gateway Load Balancer
• Experience Network routing protocols such as BGP, OSPF, EIGRP, IGRP, RIP, and RIPv2 with accompanying best practices
• Experience with Cloud network resources such as VPC (Virtual Private Cloud) peering and Transit Gateway
• Experience and proven ability to work under time constraints and pressure
• Ability to work independently and as part of a team, and being comfortable working in a fast-paced, dynamic environment
• Capable of advising and implementing CloudFormation & Terraform IAC best practices and security

Responsibilities

• Develop and maintain Infrastructure as Code (IaC) pipelines on AWS and Azure
• Work closely with development and security teams to ensure that our infrastructure meets the highest standards of security and compliance
• Build and maintain automated security and compliance checks for our infrastructure
• Develop and maintain monitoring and alerting systems for our infrastructure
• Automate security response and remediation processes
• Protect the organization's computer systems, networks, and data through the troubleshooting and maintenance of security measures
• Demonstrate excellent problem-solving skills, attention to detail, and effective communication skills
• Remain apprised of CSP (Cloud Service Provider) best practices and documentation, maintaining appropriate certifications and sharing findings with teams during weekly meetings
• Create and maintain scripts in Python, Bash or PowerShell to automate security tasks and improve efficiency
• Utilize and maintain popular code linting tools such as Bandit, JShint, ShellCheck, ESLint, Pylint, Checkov (IAC) and Rubocop to enforce coding standards and improve code quality
• Develop and maintain security policies and procedures for AWS IAM, AWS Key Management, and AWS Certificate Manager to ensure best practices are being followed
• Monitor and maintain Cloudflare WAF to ensure that web applications are protected from OWASP Top 10 vulnerabilities
• Manage and configure AWS Guard Duty to detect and respond to security incidents in real-time
• Work with SIEMs to ensure that logs and events are being captured and analyzed to identify potential security threats
• Use Terraform IAC to create and manage AWS infrastructure in a secure and compliant manner
• Write Python scripts to automate security tasks and improve efficiency
• Use Checkov IAC Linting to ensure that AWS infrastructure code is compliant with security best practices
• Create and manage AWS Lambda functions to automate incident response and remediation tasks
• Configure AWS Event Bridge and AWS CloudWatch to monitor infrastructure and trigger alerts when security events occur
• Work with the team to review and approve Github pull requests, and troubleshoot Github action and custom pipeline builds
• Troubleshoot AWS Network Infrastructure and infrastructure as code to promptly resolve incidents and minimize downtime and maximize uptime
• Advise on network protocol, operating system, cryptography, and AWS cloud security
• Maintain security controls, evaluate products and technologies, and integrate them into IT systems and applications
• Deploy AWS security measures and conduct regular security assessments
• Debug Terraform & CloudFormation infrastructure as code builds in custom pipelines as well as in GitHub Actions
• Work independently and as part of a team in a fast-paced, dynamic environment
• Deploy security measures to protect data stored on public clouds against unauthorized access
• Deploy identity and access management roles and permissions in Allegiant’s cloud providers
• Remain up to date on CSP best practices and documentation and share findings with teams
• Automate security tasks and improve efficiency with scripts in Python, Bash, Terraform or PowerShell
• Work effectively in an Agile Scrum workflow, demonstrating strong project management hygiene
• Provide advanced in-depth, top-level support for complex information security issues at all Allegiant locations
• Work with application developers to identify security requirements and issues
• Document components of the Allegiant information security systems
• Remain apprised of CSP (Cloud Service Provider) best practices and documentation, maintaining appropriate certifications and sharing findings with teams during weekly meetings
• Develop and implement AWS Lambda functions to automate incident response and remediation tasks
• Configure AWS Event Bridge and AWS CloudWatch to monitor infrastructure and immediately alert the team when security events occur
• Collaborate with the team to review and authorize Github pull requests, and identify and resolve issues with Github Actions and custom pipeline builds
• Model Allegiant’s customer service standards in personal actions and when providing direction
• Other duties as assigned

Benefits

• Profit Sharing
• Medical/Dental/Vision/Life/ Disability Insurance
• Medical Travel Reimbursement
• Legal, Identity and Pet Insurance
• 401K with an employer match
• Employee Stock Purchase Plan
• Employee Assistance Program
• Tuition Reimbursement
• Flight Benefits
• Paid vacation, holidays, and sick time