SecDevOps Architect

Career Renew is recruiting for one of its clients a SecDevOps Architect - this is a remote position, but candidates need to be based in the NYC Area.

The Security Development Operations (SecDevOps) Architect is responsible for the design, development, and implementation of web applications, command line scripts, and diverse technical deliverables of the Security Development Operations (SecDevOps) Team under NYP Information Security. The SecDevOps Architect will use agile methodologies and modern development practices to conceptualize, create, operationalize, and support bespoke applications that provide vital capabilities to Information Security and other stakeholders.

Essential Job Duties

• Design, develop, and maintain scalable web applications using modern Python and Node.js frameworks.
• Write clean, maintainable, and secure code following best practices and internal coding standards.
• Write HTML, JavaScript, and CSS to satisfy user interface requirements.
• Create, secure, and implement APIs for data exchange and integration with other systems.
• Write performant SQL queries for relational databases that support web application functionality.
• Develop and execute unit tests to ensure code quality.
• Debug, diagnose, and correct issues impacting the performance of web applications, scripts, and other solutions.
• Use version control system (e.g., Git) for all development activities. 
• Work with a DevOps platform to manage code repositories, track work, and collaborate with team members.
• Develop CI/CD pipelines to automate and streamline deployments. 
• Participate in, and contribute to, code reviews and other collaborative technical sessions.
• Create and maintain detailed technical documentation.
• Perform periodic system administration and configuration tasks in Linux server environments
• Continually improve web application functionality and user experience through ongoing collaboration with stakeholders and Information Security leadership.
• Collaborate with project stakeholders to identify emerging requirements, operational and technical gaps, and potential targets for automation. 
• Implement and utilize various open-source and commercial software solutions to strengthen software development practices and enhance security.
• Stay up to date on industry trends, new technologies, and best practices directly applicable to the role.
• Organize and lead technical workshops for team members and other user-facing training events.
• Work effectively as part of a team and independently.
• Perform various technical, administrative, and other tasks as required.

“May require occasional on-site presence; therefore, should live within a commutable distance.  No relocation assistance available.”

Requirements

• Ten (10) or more years of professional experience designing and developing scalable web applications using the Django framework. (Preference will be given to candidates that also have Node.js experience.)
• Bachelor’s degree in Computer Science, Information Technology, or a computer related discipline or equivalent experience
• SEC401, Security+, or similar security professional certifications
• Experience creating web applications using Python frameworks 
• Experience creating web applications using Node.js frameworks
• Experience writing command line scripts with Python
• Experience working with REST APIs
• Experience writing HTML, CSS, and JavaScript for user interfaces
• Experience with relational databases and SQL
• Experience with the Linux operating system
• 10+ years of relevant web application development experience
• Experience configuring and administering web and application services in Linux
• Strong communication skills to communicate systems proposals to management and customers, and provide systems diagnoses and resolution for current systems
• Strong organization skills to prioritize work and deliver on complex projects
• Strong interpersonal skills to interact with customers, leadership, and team members.
• Able to work autonomously and collaboratively

• Preferred Qualifications:
• Knowledge and experience with authentication and authorization mechanisms, including two-factor and federation platforms.
• Knowledge and experience with networking, network security platforms including SIEM, firewalls, intrusion detection and prevention, web proxies and internet content filtering.
• Knowledge and experience with the following security technologies: cryptography and encryption products, data handling and classification procedures, vulnerability remediation 
• Knowledge and experience of security operations orchestration platforms, infrastructure monitoring platforms, and automation fundamentals