Get all C2C Jobs / hotlists 🔥 Alerts

DevSecOps Engineer || Location: Miami, FL || Contract

Contract

jobs in usa for foreigners

jobs in usa for foreigners

 

Hi,

This is Venu from 3Core Systems, Please take a look to review the included job description we have with our client.

Role: DevSecOps Engineer/ Architect

Company: Carnival Cruise Lines
Position Type: Contract
Location: Miami, FL, United States
Onsite Flexibility: 100% Remote

Description:

Important Notes from the Manager Today

·       Stand up global app security program across brands.

·       More proactive than reactive.

·       Person working with software teams help with security best practices, building secure CI/CD, cleaning up cloud deployments

·       Has to be able to build secure pipeline

·       We had a handful of incidents recently that were pretty severe because of no oversight in terms of code review, architecture

 

Top Skills

·       AWS

·       Kubernetes

·       Terraform

·       Rest API’S, MicroServices

·       CI/CD

·       Java experience

·       Security experience: SAS (static analysis), threat modeling, log monitoring

·       25% travel: 1 Week a Month (OR) Every other month to Miami, FL

PHYSICAL DEMANDS & TRAVEL:
Primary Work Location: Remote
Physical Demands:  Work is primarily sedentary where sitting is required most of the time; walking and standing are required occasionally.  Visual acuity is required to perform activities such as: preparing and analyzing data, viewing a computer terminal, reading documents, reports and emails.

Travel Requirements:  40% to 50% travel anticipated, and opportunities may present themselves, including working aboard our cruise ships while in port or underway.  Therefore, having a valid passport and work authorization for the United States is a MUST.

WORK CONDITIONS:  
Travel is required 40% to 50%
Work beyond normal business hours may be required occasionally to support project needs or operational support that may be required outside of normal business hours or on weekends.

BASIC PURPOSE:  
We are looking for a highly skilled DevSecOps Architect to join our team. In this role, you will be responsible for designing, implementing, and maintaining secure DevOps pipelines and infrastructure for one of Carnival’s most innovative brands.  While this role will be embedded within this brand, the role will report into the GISCS organization, and the Global Application Security team specifically. You will work closely with the brand’s development and operations teams to advance a security culture that empowers the brand to produce features and digital experiences that delight our guests while safeguarding the interests of both Carnival Corporation and our customers. 

 ESSENTIAL FUNCTIONS:

·       Design, implement and maintain secure, reusable DevOps pipelines for brand development teams, that align with Carnival global application security standards.

·       Develop and maintain infrastructure as code (IaC) templates for cloud environments such as AWS, Azure, and Google Cloud Platform.

·       Work with development teams to ensure that security is built into the SDLC and that all code is secure by design.

·       Monitor and investigate security incidents and vulnerabilities in the infrastructure and take corrective actions.

·       Continuously assess and improve the security posture of the brand and contribute improvements back to the global organization.

·       Program, engineer, implement, and administer IT Security technical control and tools to assess vulnerabilities, mis-configurations and incidents.

·       Develop and maintain relationships with 3rd party vendors responsible for providing technology services, tools, and consulting.

·       Perform security reviews of deployments to ensure they meet relevant policies, standards, and guidelines.

·       Partner with different brand IT resources to automate and enhance security logging and integrate with managed SIEM provider.

·       Create and distribute security reports to required business and IT units, including vulnerability reports for tracking of remediation.

·       Respond to escalations and other priorities as required, may require afterhours engagement as needed.

·       Other projects and duties as assigned (e.g., assisting global application security pillar on pattern and capability design and buildout)

POSITION SCOPE: 
The scope of this position is specific to a brand that is responsible for significant software development, digital products, and a broad and complex digital ecosystem.  Challenges include managing security initiatives across multiple development and operational units, investigating and resolving complex business and IT realities, and ensuring objectives and outcomes are met in a timely manner.

REPORTING RELATIONSHIPS:
The DevSecOps Architect reports directly to the Sr. Director of Global Application Security.

QUALIFICATIONS: 

·       5+ Year’s Experience within DevOps, DevSecOps roles.

·       5+ years hands on experience with Cloud Service Providers (AWS heavily preferred).

·       Extensive experience with DevOps tools such as Git, Jenkins, Ansible, and Terraform

·       2-3 years hands on experience with Infrastructure as Code (Terraform preferred).

·       Strong understanding of DevOps and Agile methodologies.

·       Hands-on experience using APIs to query RESTful services and integrate third party services.

·       Programming using one or more of the following: Java, Java Spring Boot, Python, or C/C++.

·       Extensive experience with security automation and scripting with languages like Python, Go, or Bash.

·       Hands-on skills and experience with container technologies like Kubernetes, Docker, and Rancher.

·       Experience with security automation, security log review and analysis, threat analysis tools.

·       Experience with CI/CD – Deployment pipelines, and automated build and configuration tools such as GitLab, Jenkins, Ansible, and Terraform

·       DevSecOps practices, including automation of SAST, DAST, IAST, MAST along with threat modeling, code peer reviews, security remediation and security monitoring/incident response enablement.

·       Background in Linux operating systems.

·       Knowledge of cloud security controls involving tenant isolation, encryption at rest, encryption in transit, and secrets management (Hashicorp preferred).

·       Proven track record of taking ownership of strategic initiatives and driving results in complex environments.

·       Demonstrated ability to manage multiple workstreams simultaneously.

·       Ability to work in a fast-paced setting.

·       Proven success in contributing to a team-oriented environment.

·       Proven ability to work creatively and analytically in a problem-solving environment.

·       Excellent communication (written and oral) and interpersonal skills.

 

Click here for More remote and onsite Contract / Fulltime USA JOBS

 

To apply for this job email your details to venu@3coresystems.com

×

Post your C2C job instantly

Quick & easy posting in 10 seconds

Keep it concise - you can add details later
Please use your company/professional email address
Simple math question to prevent spam