DevOps Engineer

About the Role:

Were seeking a talentedDevSecOps Engineerto join the NG SIEM Onum team and work directly with our security and infrastructure leadership. This role is critical in embedding security-first practices into our development lifecycle while maintaining the agility and speed that defines our innovation culture. Youll be instrumental in securing our CI/CD pipelines infrastructure and applications while enabling developers to ship secure code faster.

What Youll Do:

Security Integration & Automation (40%):

• Embed security controlsthroughout the entire DevOps lifecycle from code commit to production deployment

• Design and implementautomated security gates within CI/CD pipelines using tools like GitHub Actions Jenkins or GitLab CI

• Build security-as-codeframeworks that make secure practices the default path for developers

• Automate compliance checksand security policy enforcement across cloud infrastructure (AWS GCP)

• Develop custom security toolingto address Onum specific security requirements

Vulnerability & Risk Management (25%):

• Proactively identify and remediatesecurity vulnerabilities in applications containers and infrastructure

• Conduct threat modelingfor new services and features before they reach production

• Perform risk assessmentson architectural decisions and third-party integrations

• Manage vulnerability lifecyclefrom detection through remediation tracking metrics and SLAs

• Implement and maintainvulnerability scanning tools integrated into development workflows

Security Testing & Validation (20%):

• Execute comprehensive security testingincluding SAST DAST SCA and container security scanning

• Perform code reviewswith a security lens identifying potential vulnerabilities before merge

• Validate security controlsthrough continuous testing and red team exercises

• Establish security testing standardsand ensure coverage across the project

Incident Response & Collaboration (15%):

• Help to respond to security incidentsaffecting Onums infrastructure and applications

• Collaborate with CrowdStrike SOCand incident response teams during security events

• Conduct post-incident reviewsand implement preventive measures

• Work cross-functionallywith development operations and security teams to foster shared security responsibility

• Partner with the Manageron strategic security initiatives and architectural decisions

What Youll Need:

Technical Expertise:

• 3 yearsof experience in DevOps Security Engineering or related roles

• Strong programming skillsin Python Go or similar languages for automation and tooling

• Deep knowledgeof cloud platforms particularlyAWS(EC2 S3 VPC Security Groups CloudTrail)

• Hands-on experiencewith:

  • Containerization: Docker container security best practices

  • Orchestration: Kubernetes EKS security policies RBAC

  • IaC: Terraform CloudFormation security scanning for IaC

  • CI/CD: GitHub Actions Jenkins GitLab CI security pipeline integration

  • Configuration Management: Ansible Chef or Puppet

Security Knowledge:

• Strong understandingof:

  • OWASP Top 10 and secure coding practices

  • Network security firewalls ACLs and segmentation

  • Secrets management (HashiCorp Vault AWS Secrets Manager)

  • Security compliance frameworks (SOC 2 ISO 27001 NIST)

• Experience with security tools:

  • Vulnerability scanners (Nessus Qualys Rapid7)

  • SAST/DAST tools (SonarQube Checkmarx Burp Suite)

  • Container security (Trivy Aqua Twistlock)

  • SIEM and log analysis

  • Git security scanning (GitGuardian TruffleHog)

Soft Skills:

• Excellent communication- ability to explain complex security concepts to developers and leadership

• Collaborative mindset- security is a team sport at CrowdStrike

• Problem-solving orientation- creative approaches to balancing security and developer velocity

• Self-motivated- ability to work independently and drive initiatives to completion

• Adaptability- comfortable in a fast-paced innovative environment

Bonus Points:

• Security certifications: AWS Security Specialty CKS (Certified Kubernetes Security Specialist) Certified DevSecOps Professional (CDP) GIAC Cloud Security Automation (GCSA) or equivalen security certifications.

• Contributions to open-source security projects

• Familiarity with zero-trust architectureprinciples

#LI-MB1

Benefits of Working at CrowdStrike:

• Remote-friendly and flexible work culture

• Market leader in compensation and equity awards

• Comprehensive physical and mental wellness programs

• Competitive vacation and holidays for recharge

• Paid parental and adoption leaves

• Professional development opportunities for all employees regardless of level or role

• Employee Networks geographic neighborhood groups and volunteer opportunities to build connections

• Vibrant office culture with world class amenities

• Great Place to Work Certified across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.