Location: Miami, FL
Work authorization: any (candidate must be authorized to work in US)
Must-have skills: 5+ y of exp within DevOps, DevSecOps roles; 5+ y of exp with Cloud Service Providers (AWS heavily preferred); exp with DevOps tools such as Git OR Jenkins OR Ansible OR Terraform; 2-3 y of exp with Infrastructure as Code (Terraform preferred); Java OR Java Spring Boot OR Python OR C/C++; Security experience: SAS (static analysis), threat modeling, log monitoring, APIs to query RESTful services, micro services, Python, Go, or Bash, Kubernetes, Docker, and Rancher, CI/CD, GitLab, SAST, DAST, IAST, MAST; Linux, HashiCorp.
Estimated Duration: 6 months with possible extension(s)
Requirements:
- Availability to work at the Client’s site in Miami, FL (required);
- Experience within DevOps, DevSecOps roles (5+ years);
- Experience with Cloud Service Providers (AWS heavily preferred) (5+ years);
- Experience with container technologies like Kubernetes, Docker, and Rancher;
- Experience with Infrastructure as Code (Terraform) (2-3 years);
- Experience with DevOps tools such as Git, Jenkins, Ansible, and Terraform;
- Experience with DevOps and Agile methodologies;
- Experience using APIs to query RESTful services and integrate third party services, micro services;
- Programming experience using one or more of the following: Java, Java Spring Boot, Python, or C/C++;
- Experience with CI/CD – Deployment pipelines, and automated build and configuration tools such as GitLab, Jenkins, Ansible, and Terraform;
- Security experience: SAS (static analysis), threat modeling, log monitoring;
- Experience with security automation and scripting with languages like Python, Go, or Bash;
- Experience with security automation, security log review and analysis, threat analysis tools;
- Experience with DevSecOps practices, including automation of SAST, DAST, IAST, MAST along with threat modeling, code peer reviews, security remediation and security monitoring/incident response enablement;
- Experience in Linux operating systems;
- Experience with cloud security controls involving tenant isolation, encryption at rest, encryption in transit, and secrets management (HashiCorp preferred);
- Ability to travel both locally and internationally 25% of the time.
Responsibilities include but are not limited to the following:
- Design, implement and maintain secure, reusable DevOps pipelines for brand development teams that align with Carnival global application security standards.
- Develop and maintain infrastructure as code (IaC) templates for cloud environments such as AWS, Azure, and Google Cloud Platform.
- Work with development teams to ensure that security is built into the SDLC and that all code is secure by design.
- Monitor and investigate security incidents and vulnerabilities in the infrastructure and take corrective actions.
- Continuously assess and improve the security posture of the brand and contribute improvements back to the global organization.
- Program, engineer, implement, and administer IT Security technical controls and tools to assess vulnerabilities, misconfigurations and incidents.
- Develop and maintain relationships with 3rd party vendors responsible for providing technology services, tools, and consulting.
- Perform security reviews of deployments to ensure they meet relevant policies, standards, and guidelines.
- Partner with different brand IT resources to automate and enhance security logging and integrate with managed SIEM provider.
- Create and distribute security reports to required business and IT units, including vulnerability reports for tracking of remediation.
- Respond to escalations and other priorities as required; after-hours engagement may be needed.
- Other projects and duties as assigned (e.g., assisting global application security pillar on pattern and capability design and buildout).