DevSecOps Engineer, Internal Security

Please note: This position is not eligible for immigration sponsorship.

Company Overview

Theres a better way to work in financeand more specifically a better way to unlock value potential in private equity-backed portfolio companies. Working at the intersection of sponsors and management teams across every stage of the investment lifecycle our team provides hands-on execution-oriented support to elevate the office of the CFO.

So what does it mean to work at Accordion It means joining 1400 finance & technology experts in a high-growth agile and entrepreneurial environment while changing the way portfolio companies drive value. It also means making your mark on Accordions futureby embracing a culture rooted in collaboration and a firm-wide commitment to building something great together.

Accordion is headquartered in New York City with 10 offices around the globe. Join us!

Position Overview

The DevSecOps Engineer will work within Accordions Internal Security Team and closely collaborate with software development groups to make sure security best practices are embedded throughout the product lifecycle. This role emphasizes policy creation risk management technical advising code reviews and the implementation of penetration test recommendations. The ideal candidate will possess deep technical expertise and be able to bridge the gap between security and development particularly for teams who are new to working with DevSecOps teams.

This position can be based in any of our US office locations and is a hybrid role.

This position is not eligible for immigration sponsorship.

What Youll Do:

• Collaborate with internal development teams to ensure deliverables meet enterprise security standards and best practices in our software development lifecycle
• Participate in code and architecture reviews providing actionable recommendations and secure alternatives
• Advise on and help integrate secure solutions into application and infrastructure pipelines across Azure AWS Google Cloud Platform and Oracle Cloud
• Work with the Security Engineer and Cloud Engineer to proactively identify assess and mitigate security risks in cloud environments and in any infrastructure as code
• Lead the implementation of recommendations from penetration tests and vulnerability assessments working hands-on with development stakeholders
• Support the build-out of a robust DevSecOps program partnering with Accordions CISO and Information Security Manager
• Serve as a subject matter expert to educate development teams with best practices regarding the SDLC
• Review CI/CD platforms (e.g. Jenkins GitLab AzureDataFactory Databricks) and containers to ensure secure deployments
• Maintain awareness of emerging threats security technologies and compliance requirements relevant to Accordions business and clients
• Design and implement security policies standards and guidelines for development best practices tailored to Accordions and our clients risk profile and industry frameworks (including GDPR HIPAA SOC SOX and PCI)
• Consistently support Security services firmwide as Accordion grows and scales
  

You Have:

• Bachelors degree in Computer Science Information Security or a related field or equivalent work experience
• Proven experience as a DevSecOps Engineer or in a similar security engineering role including significant enterprise and cloud security exposure
• Deep understanding of security principles best practices and regulatory frameworks (especially GDPR with strong working knowledge of HIPAA SOC SOX and PCI)
• Expertise with Azure and AWS cloud security; proficiency with Google Cloud Platform and Oracle Cloud are a plus
• Hands-on experience with programming/scripting (such as Python Bash PowerShell) plus experience using secure coding practices
• Familiarity with code review techniques security assessment tools penetration testing approaches and vulnerability scanner platforms
• Direct experience with CI/CD pipelines and automation tools
• Fundamental knowledge of container security (e.g. Docker Kubernetes) and IaC applications
• Excellent verbal and written communication skills to effectively advise technical and non-technical stakeholders
• Strong problem-solving abilities and interpersonal skills suited to a collaborative team-driven environment
• Security certifications (CISSP CEH OSCP or similar)strongly preferred but not mandatory; demonstration of practical expertise in both security and development/programming is most critical
• Prior exposure to consulting training or facilitating cross-functional security workshops is a plus
• Experience helping build security programs from the ground up ideally in partnership with CISO or security leadership
• The candidate must be comfortable operating in a dynamic growth-oriented environment with the willingness to take initiative and help shape the future of Accordions security posture

You Are:

• Excited to be part of a growing team with a focus on driving future growth
• Passionate about delivering exceptional client service
• Knowledgeable about the relationship between Private Equity sponsors and their portfolio companies particularly within the office of the CFO
• Willing to get your hands dirty in the details of a project while simultaneously seeing the whole picture
• Comfortable managing projects with multiple complex workstreams while also focused on your single workstream (you are managing and doing)
• A self-starter with a strong work ethic
• Full of entrepreneurial spirit and comfortable in a fluid flat organization
• Able to effectively communicate complex issues and solutions and raise issues to senior team members when necessary
• A team player able to work with team members across all levels
• Someone who enjoys mentoring others and doing meaningful work
• A leader of others; you lead by example

The annual salary for this role ranges from: $110000 to $150000 benefits bonus

Actual compensation packages are determined by evaluating a wide array of factors unique to each candidate including but not limited to geographic location skill set years and depth of experience education certifications cost of labor and internal equity.

Accordion is an Equal Opportunity Employer. We are committed to building a team that represents a variety of backgrounds perspectives and skills. We do not discriminate on the basis of race color religion marital status age national origin ancestry physical or mental disability medical condition pregnancy genetic information gender sexual orientation gender identity or expression veteran status or any other status protected under federal state or local law.

Please note that as per Accordion policy we do not accept unsolicited resumes from third-party recruiters unless such recruiters are engaged to provide candidates for a specified opening and in alignment with our inclusive diversity values. Any employment agency person or entity that submits an unsolicited resume does so with the understanding that Accordion will have the right to hire that applicant at its discretion without any fee owed to the submitting employment agency person or entity.

#LI-HA1