DevsecOps 14833 Remoto

Company Description
Intrigma is a transformative cloud software company, leading the revolution in the U.S. healthcare system with our groundbreaking AI rule-based scheduling engine. We specialize in solutions that automate the scheduling processes for physicians and nurses, enabling optimal workforce management and saving invaluable time.

Job Description
We are seeking talented self-organized and responsible DevSecOps with security experience who can assist with managing our cloud environments and assist with coordinating the Soc 2 Type 2 audit. Ideal candidates enjoy working from home in a fun and fast-paced international environment. We are hosted on AWS and we use both Windows and Linux servers. Tools include: MS SQL, K8s, Kafka, Azure Pipelines, YAML, Git, PowerShell, Bash, DataDog/Python, Postfix, MS ActiveDirectory.


Dev Ops Responsibilities:

Being part of Agile development teams to deliver an end-to-end automation of deployment, monitoring, and infrastructure management in a cloud environment;

Working closely with our development team to create an automated continuous integration (CI) and continuous delivery (CD) system

Developing custom scripts to increase system efficiency and lowering the human intervention time on any tasks

Organizing the highest levels of systems and infrastructure availability, acting proactively;

Installing, configuring, testing, and maintaining operating systems, application software and system management tools;

Evaluating application performance, identify potential bottlenecks, develop solutions, and implement them with the help of developers.

Review cloud deployment architectures and implement required security controls.

Sec Ops Responsibilities:

Serve as Subject Matter Expert on Application Security

Overseeing the company?s security, backup, and redundancy and disaster recovery strategies;

Coordinating with the Soc 2 Type 2 Auditors to pass the annual Soc 2 certification

Handle Vendor Security Assessments

Identify security vulnerabilities in the system and implement necessary solutions to remediate the vulnerabilities.

Ensure security best practice is followed and provide solutions to improve existing infrastructure processes in the company.

Be involved in the design and subsequent implementation of security software and service infrastructure.

Identity and access management, provisioning and deprovisioning.

Perks
Fully remote work: Enjoy the flexibility and convenience of working from anywhere.

Dynamic and supportive environment: Collaborate with a team of passionate professionals who are invested in your success.

Opportunities for professional growth: We offer ongoing learning and development opportunities to help you advance your skills.

Unique perk: Travel hackathons! Combine business with pleasure by attending hackathons in exciting cities around the world.

Requirements:
A high degree of self-organization and independent operation is a must

5+ years experience with AWS cloud technologies.

SOC 2, ISO, Vendor Risk Assessment, SOC 2/ISO Audit, Compliance, Cybersecurity

Passionate about security, enjoy challenges and maintain up-to-date knowledge of available and emerging security threats and various security technologies.

Good understanding of Cloud technologies, familiarity with DevOps.

Good foundation and in-depth technical knowledge of security engineering, application security.

Good interpersonal skills with the ability to communicate and work effectively across the organization.

Directory services and single-sign-on solutions.

Vulnerability management and remediation, patching automation and understanding of application security techniques.

Any of these security certifications are plus, but not required:

Certified Information Systems Security Professional (CISSP)

GIAC Certified Incident Handler (GCIH)

GIAC Security Essentials Certification (GSEC)

Microsoft Certified Systems Expert (MCSE)

Microsoft Certified Systems Administrator (MCSA)

Microsoft Certified IT Professional (MCITP)

CompTIA Security+

Also a plus, but not required:

Good knowledge in Kubernetes, Docker Swarm or other cluster management software.

Could be plus points if you have experience with: Implementing and managing HIDS/NIDS, FIM, SIEM solutions.