DevSecOps

Description

*Employment as a contractor through a third-party agency*

MSD Animal Health Technology Labs specializes in the development of animal health management solutions. We are a multidisciplinary product company, a diverse team of ~450 closely collaborating scientists, AI experts, software, hardware, and mechanical engineers… working alongside veterinarians and other animal experts. Our passion? Shaping the future of animal health and well-being (for much better!).

Our products and platforms identify trends and predict the likelihood of health outcomes for HUNDREDS of MILLIONS of animals each year, from pets, to poultry, farm animals, and even fish. We provide actionable insights for veterinarians, farmers, and producers, changing the way people care for animals in 150 markets.

So, if you’re looking to work in a company that combines pioneering science and technology, dedicated colleagues, and animals, you’ll find it all here – come join us!

We’re looking for an experienced and driven DevSecOps professional to join our R&D group.

Key Responsibilities:

• CI/CD Security: Design, build, and secure CI/CD pipelines (AzureDevOps, GitHub Actions, GitLab CI, etc.).
• Infrastructure as Code (IaC): Harden Terraform, Helm, CloudFormation, or Ansible configurations to prevent misconfigurations and enforce policy as code.
• Cloud Security: Implement and monitor cloud security controls (AWS/GCP/Azure), including identity, networking, and logging.
• Shift Left: Integrate security scanning tools (SAST, DAST, SCA, IaC scanners) into the development pipeline.
• Threat Modeling & Automation: Proactively assess risk across deployments and automate detection of vulnerabilities or misconfigurations.
• Container Security: Design security measures for container build and runtime environments (Docker, Kubernetes, EKS/GKE/AKS, etc.).
• Security Monitoring: Work with security monitoring and Compliance monitoring tools.
• Incident Response Readiness: Assist with Incident Response from a solution research and hardening perspective.

Requirements

• 3+ years in DevOps, Cloud Engineering, or Application Security
• Good experience with CI/CD tools and automation scripting (Bash, Python, Go, etc.)
• Hands-on with cloud-native platforms (AWS, Azure)
• Solid understanding of OWASP Top 10, supply chain security, and common attack vectors
• Experience with security tools: Snyk, Checkov, Trivy, Aqua, etc.
• Familiarity with Kubernetes security: PodSecurityPolicy, RBAC, network policies, etc.
• Good understanding of version control, secrets management, and key management systems (e.g., HashiCorp Vault, AWS KMS)
• Bonus: Familiarity with compliance frameworks (SOC 2, ISO 27001, NIST, HIPAA)
• CISSP, GCP/AWS/Azure Security Specialty, OSCP, CKA/CKS, Terraform Associate- advantage