DevSecOps Engineer

About Us

G Adventures is the worlds largest smallgroup adventure travel company and weve been making epic travel memories happen on all seven continents for over 30 years.

Our mission is simple: to change lives through travel. And not just our travelers either. Since day one our tours have been built to establish meaningful relationships with local communities directly benefiting the people and places we visit at every step of our tours.

With the demand for travel coming back strong we are set up and excited for this next chapter in our companys story and wed love for you to be a part of it.

Our DNA revolves around building nurturing and developing a diverse culture of people and a true sense of belonging where everyone is encouraged to bring their authentic self to work each and every day. Youll have the opportunity to grow your career and yourself alongside a passionate talented and welcoming community that works hard to spread goodness around the world.

If all that sounds like your kind of thing well we cant wait for you to join us.

About the Role

This role requires a balance of technical expertise strategic thinking and collaborative communication to build secure scalable and reliable applications. As a DevSecOps Engineer you will bridge the gap between development operations and security ensuring that security is deeply integrated into every stage of the software lifecycle. You will be responsible for automating security processes mitigating vulnerabilities and fostering a securityfirst mindset within crossfunctional teams.

This role requires strong expertise in AWS cloud security Infrastructure as Code (IaC) principles and container orchestration. You will be expected to have handson experience with Terraform Terraform Cloud and Ansible for infrastructure automation and configuration management. Additionally you will focus on securing containerized environments using Amazon ECS and Kubernetes.

You will work closely with developers to embed secure coding practices with operations to implement robust infrastructure security and with leadership to align Information Security initiatives with organizational objectives. Your work will directly contribute to protecting the organizations systems data and reputation.

This is a hybrid role based out of South Africa where a minimum number of days as set by the region is required in the Cape Town office. Before you apply please consider whether this aligns to your location.

What Youll be Doing

Security Integration

• Design implement and maintain security practices in CI/CD pipelines to detect and mitigate vulnerabilities early in the development lifecycle.

• Collaborate with development operations and security teams to ensure security is integrated into every stage of the SDLC.

• Automate security testing including static application security testing (SAST) dynamic application security testing (DAST) and software composition analysis (SCA).

• Using AWS Security tools (Guard Duty Security Hub Macie etc. to secure the AWS environment and manage it daytoday.

Infrastructure Security

• Strengthen the security posture of infrastructure by implementing Infrastructure as Code (IaC) security measures.

• Secure our systems against cyber threats through detailed analysis of security events incident response vulnerability management risk assessment and policy development.

• Manage and enforce policies for cloud security container security and runtime security across platforms like Kubernetes Amazon ECS and Docker.

• Regularly assess and harden system configurations in compliance with industry best practices and frameworks.

Vulnerability Management

• Perform continuous monitoring and vulnerability scanning to identify security risks in applications and systems.

• Conduct Network and System Vulnerability assessments and documentation of corrective/remediation actions.

• Collaborate with teams to remediate vulnerabilities and manage patch deployments.

Policy and Compliance

• Ensure compliance with relevant standards such as SOC 2 ISO 27001 and PCI DSS by aligning DevSecOps practices with organizational requirements.

• Participate in security audits and assist in generating evidence for regulatory compliance.

Incident Response and Monitoring

• Work crossfunctionally with other teams to implement secure systems and respond to cyber threats.

• Develop and monitor automated detection mechanisms to monitor for security threats and incidents.

• Work with the Information Security team to develop playbooks and scripts for responding to incidents.

• Be a part of the security oncall rotation

• Participate in blueteam exercises and tabletop simulations.

Collaboration and Training

• Advocate for security best practices and conduct training sessions for development and operations teams.

• Contribute to the development of security guidelines and documentation to support organizational goals.

Desired Skills & Experience

Requirements

• Bachelors degree in Computer Science Cybersecurity or a related field (or equivalent experience)

• 3 years of experience in DevOps security engineering or software development with a focus on security.

• 3 years experience with CI/CD tools such as CircleCI GitLab CI/CD Azure DevOps or GitHub Actions.

• 3 years experience with Infrastructure as Code (IaC) tools like Terraform and Ansible.

• Handson experience with security tools (e.g. Snyk Wiz Orca OWASP ZAP SonarQube Checkmarx etc).

• Expertise in cloud platforms 3 years) with a strong focus on AWS cloud security (e.g. IAM security groups KMS GuardDuty Security Hub and other AWS security services).

• Familiarity with container technologies (e.g. Docker Kubernetes) and securing containerized workloads.

• Knowledge of scripting and programming languages (e.g. Python Bash Go or Java).

• Understanding of threat modeling and risk assessment techniques.

• Familiarity with logging and monitoring tools such as DataDog SumoLogic Splunk ELK Stack or Prometheus/Grafana.

Desired Qualifications

• Industry certifications such as AWS Certified Security Specialty Certified Kubernetes Administrator (CKA) or Certified DevSecOps Professional.

• Proficiency in managing and securing serverless architectures (e.g. AWS Lambda Azure Functions).

• Experience with Zero Trust architecture principles and implementation.

• Experience working in Agile and DevOps teams promoting DevSecOps principles.

• Experience with the following cyber security tools would be an asset: EDR WAF SIEM Log management SAML/SSO IAM integrity verification web application security testing network access control network intrusion prevention & detection data protection and cloud platform security tools.

• Familiarity with Red Team/Blue Team activities penetration testing or ethical hacking techniques.

Key Competencies

• Strong problemsolving skills and attention to detail.

• Excellent communication and collaboration skills to work effectively with crossfunctional teams.

• Ability to manage multiple tasks and priorities in a fastpaced environment.

• A passion for security automation and innovation.

• Able to explain complex technical solutions to nontechnical staff.

• Indepth knowledge of common attack vectors and security vulnerabilities. Be able to explain common controls that can protect against these attacks confidently.

• Understanding of Cyber Security frameworks and technologies: OWASP MITRE ATT&CK Framework NIST CIS SOC2 ISO27001.

• Indepth knowledge of cloud architecture and design able to confidently work with AWS Azure and other cloud providers.

• Excellent communication skills and the ability to work in a team environment spanning the globe.

What do we offer you

• Competitive salary commensurate with the role

• Competitive benefits package

• Birthday day off

• Vacation time for you to recharge

• Enhanced Parental Leave

• Learning and growth opportunities

• Employee Resource Groups

*Applicable based on location*

G Adventures is an equal opportunity employer committed to fostering a diverse and inclusive work environment. We consider all qualified applicants.