Description
We are seeking a DevOps Software Developer experienced in Build and Release Engineering, Secure Software Development, and Software Supply Chain Risk Management (SCRM), in alignment with ISO 27001, NIST SP 800-161, and NIST SP 800-171 standards.
This role unites software engineering, automation, and compliance, building secure, traceable, and compliant software pipelines across hybrid (on-prem, cloud) environments. You will develop tools and frameworks that ensure software integrity, repeatability, and regulatory alignment from source code to deployment.
Key Responsibilities
1. Build & Release Engineering
- Design, develop, and maintain automated build and release pipelines for multi-tier applications.
- Manage version control systems and branching strategies; maintain artifact repositories (e.g., JFrog Artifactory).
- Develop and optimize build scripts and automation tools using Python, Bash, CMake, or Gradle.
- Implement build verification, automated testing, and code signing for secure releases.
- Ensure traceability and reproducibility of builds.
2. DevOps & Automation
- Architect and maintain CI/CD pipelines with Jenkins, GitLab CI, or GitHub Actions.
- Use Infrastructure as Code (IaC) tools such as Terraform, Ansible, or Terraform for consistent infrastructure deployment.
- Automate environment configuration, monitoring, and policy enforcement to meet compliance standards.
- Integrate security and compliance validation into CI/CD workflows.
- Support hybrid deployments across on-prem, virtualized, and cloud environments.
3. On-Prem & Virtualization Infrastructure
- Manage and maintain on-premises servers and virtualization platforms (VMware vSphere/ESXi, KVM, or OpenStack).
- Automate provisioning and orchestration for VMs, containers, and networks.
- Monitor system performance, resource utilization, and capacity planning.
- Implement network segmentation, secure connectivity, and identity/access controls in compliance with ISO 27001 Annex A controls.
- Participate in infrastructure hardening, patch management, and disaster recovery planning.
4. Software Supply Chain Risk Management (SCRM)
- Implement secure software supply chain practices per NIST SP 800-161r1 and NIST SP 800-171.
- Maintain and validate Software Bills of Materials (SBOMs) using tools like BlackDuck.
- Identify and mitigate vulnerabilities in open-source and third-party dependencies.
- Enforce artifact provenance, cryptographic integrity checks, and chain-of-custody documentation across builds.
- Contribute to secure procurement and vendor assurance processes under ISO 27001 and NIST frameworks.
5. Compliance & Security
- Implement and maintain compliance with ISO 27001, NIST SP 800-161, and NIST SP 800-171.
- Integrate security baselines, vulnerability management, and code assurance tools into the DevOps workflow.
- Maintain audit trails, change records, and compliance documentation for ISO/NIST audits.
- Collaborate with QA, Security, and Compliance teams to continuously improve the secure development lifecycle (SDLC).
Required Qualifications
- Bachelor's degree in Computer Science, Software Engineering, or related field, or equivalent experience.
- 4-8 years in DevOps, Build/Release Engineering, or Software Development roles.
- Strong understanding of SDLC, DevSecOps, and CI/CD principles.
- Proficiency in programming: Python, Bash, Go, or JavaScript.
- Experience with CI/CD platforms (Jenkins, GitLab CI, Azure DevOps) and IaC tools (Terraform, Ansible).
- Practical experience managing on-premises and virtualized infrastructure (VMware, Hyper-V, KVM).
- Working knowledge of ISO 27001 and NIST 800-series compliance frameworks.
- Familiarity with network security, system hardening, and access management across hybrid environments.
Preferred Skills
- Experience with Kubernetes container orchestration and hybrid cloud integration.
- Knowledge of FedRAMP, CMMC, or other federal cybersecurity frameworks.
- Familiarity with PKI, code signing, and secure key management.
- Experience integrating SAST, DAST, dependency scanning, and compliance automation tools.
- Contribution to continuous improvement of secure SDLC and DevSecOps maturity models.
Summary
As a DevOps Software Developer, you will drive secure, automated, and compliant software delivery across hybrid infrastructure. Leveraging ISO 27001 and NIST 800-series frameworks, you'll ensure the quality, integrity, and traceability of every software artifact while advancing secure development and supply chain assurance across the organization.
The US base salary range for this full-time position is $160,000-$190,000. Fortinet offers employees a variety of benefits, including medical, dental, vision, life and disability insurance, 401(k), 11 paid holidays, vacation time, and sick time, as well as a comprehensive leave program.
Wage ranges are based on various factors, including the labour market, job type, and job level. Exact salary offers will be determined by factors such as the candidate's subject knowledge, skill level, qualifications, experience, and geographic location.
All roles are eligible to participate in the Fortinet equity program. Bonus eligibility is reviewed at the time of hire and annually at the Company's discretion.
Why Join Us:
We encourage candidates from all backgrounds and identities to apply. We offer a supportive work environment and a competitive Total Rewards package to support you with your overall health and financial well-being.
Embark on a challenging, enjoyable, and rewarding career journey with Fortinet. Join us in bringing solutions that make a meaningful and lasting impact to our 660,000 customers around the globe.