Expoint - all jobs in one place

מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר

Limitless High-tech career opportunities - Expoint

Gong Senior DevSecOps Engineer 
Israel, Tel Aviv District, Tel Aviv-Yafo 
919431354

10.09.2024

You will be responsible for:

  • Securing and optimizing our cloud services, with a primary focus on AWS, to ensure robust security and compliance.
  • Following alignment with industry security best practices for DevOps services and tools.
  • Supporting and enhancing our monitoring and alerting systems to detect and respond to threats together with our ProdSec team.
  • Developing and implementing threat detection strategies to identify and mitigate potential risks.
  • Automating the deployment of security controls to ensure consistent and scalable protection.
  • Acting as a focal point for security and compliance-related queries and strategies within the DevSecOps team in our DevOps group, driving smarter security decisions that align with business goals.

You should apply if you have:

  • 3+ years of experience in DevOps with a deep understanding of cloud security and best practices.
  • Proven ability to identify common security risks and formulate and execute comprehensive security strategies.
  • Experience with market-leading security tools and providers, coupled with scripting and development skills, preferably in Python.
  • Extensive knowledge of internet protocols, architectures, and security design principles.
  • Hands-on experience with AWS security and encryption services such as IAM Policy, KMS, GuardDuty, CloudTrail, and Identity Center (or equivalent).
  • Strong understanding of security projects that address risks, including patching, secure build, vulnerability scanning and remediation, logging and monitoring, threat management, and user awareness.
  • Proven ability to gather and maintain evidence for security and compliance.
  • Self-motivated with the drive to keep moving things forward.

Preferred Qualifications:

  • One or more security-related certifications, such as CISSP, CEH, CISA, CISM, Security+, or similar.
  • Experience in triaging security alerts and executing incident response.
  • Experience with virtualization technologies, particularly in AWS services such as EKS.
  • Strong sense of ownership, urgency, and drive.
  • Shift-left mindset - i.e. how we’re an enabler rather than a bottleneck
  • Experience with compliance requirements (e.g., SOC2, ISO27001, HIPAA, PCI, etc.).

for more details.