Logo of Huzzle

Home

Matches

Explore

Manage

DevSecOps Engineer

image

Sumitomo Mitsui Trust Bank Limited New York Branch

1mo ago

  • Job
    Full-time
    Mid-level (3-4 years)
  • White Plains

AI generated summary

  • You should have 4+ years in cloud security, experience with CI/CD tools, scripting (bash, Python), infrastructure as code (Terraform), and familiarity with containers and vulnerability management. AWS/Azure certs are a plus.
  • You will engineer cybersecurity solutions, automate security in CI/CD, manage vulnerability scanning, implement compliance testing, develop KRIs, and present updates to management on project progress.

Requirements

  • 4+ years of hands-on security engineer and operations experience securing cloud environments and developing automation workflows.
  • Practical experience in implementing security checks within a Secure SDLC Pipeline
  • Hands on experience with CI/CD tools such as Jenkins, Git, Github Actions, Artifactory etc.
  • Hands on experience with Secrets Management, SCA, open-source tools
  • Scripting experience with one or more scripting languages: bash, python, perl, YAML - required.
  • Hands on experience with infrastructure as code tools such as Terraform or Cloudformation - required.
  • Familiarly with container orchestration technologies such as Kubernetes, Openshift, EKS, AKS
  • Experience with container image scanning and vulnerability management
  • AWS or Azure Certifications

Responsibilities

  • Focuses on hands on engineering and architecting cybersecurity solutions using industry’s best practices to protect the firm from various threat actors.
  • Partner closely with Site Reliability Engineering (SRE) and DevOps teams to design and automate security controls as part of their CI/CD pipelines.
  • Scan and track the remediation of vulnerabilities in code, containers, and infrastructure as code.
  • Implement automation to perform security compliance testing into the development lifecycle.
  • Develop and Report Key Risk Indicators (KRIs) within the SSDLC processes working closely with Americas Division’s Security and Testing Team.
  • Create and present updates to management on periodic basis w.r.t accomplishments, challenges and risks associated with respective projects.

FAQs

Do we support remote work?

Yes, we do remote work in a hybrid format, allowing employees to work from home as well as from an SMBC office.

What is the salary range for the DevSecOps Engineer position?

The anticipated salary range for this role is between $97,000.00 and $154,000.00, based on individual qualifications and market analysis.

What qualifications are required for this role?

Candidates should have 4+ years of hands-on security engineer and operations experience, practical experience in implementing security checks within a Secure SDLC Pipeline, and hands-on experience with CI/CD tools, among other skills.

What tools and technologies should I be familiar with for this position?

Candidates should have hands-on experience with CI/CD tools such as Jenkins and Git, scripting languages like bash or Python, and infrastructure as code tools like Terraform or CloudFormation, as well as familiarity with container orchestration technologies.

Who will I report to in this role?

This position reports to the Head of Cyber Security of Capital Markets and has reporting lines into the regional CISO of the Americas Division as well as the Capital Markets’ COO.

Are there opportunities for bonuses or incentives?

Yes, the role may be eligible for an annual discretionary incentive award in addition to cash compensation.

Does SMBC Group offer benefits to employees?

Yes, SMBC offers a competitive portfolio of benefits to its employees.

What are the primary responsibilities of the DevSecOps Engineer?

Responsibilities include engineering and architecting cybersecurity solutions, automating security controls within CI/CD pipelines, scanning for vulnerabilities, implementing security compliance testing, and reporting Key Risk Indicators.

Is there any requirement for specific certifications?

Yes, AWS or Azure Certifications are required for this position.

How will my performance be evaluated in this role?

Performance evaluations will involve creating and presenting updates to management regarding accomplishments, challenges, and risks associated with various projects.

Sumitomo Mitsui Trust Bank Limited New York Branch

Finance
Industry
201-500
Employees
1925
Founded Year

Mission & Purpose

Sumitomo Mitsui Trust Bank, Limited (SuMi TRUST) was established through the merger of The Sumitomo Trust and Banking Co., Ltd. with Chuo Mitsui Trust and Banking, Ltd. and Chuo Mitsui Asset Trust and Banking Company, Ltd. on April 1, 2012. SuMi TRUST is Japan’s largest trust bank, with AUM of more than $800 Billion USD. SuMi TRUST provides an assortment of financial solutions and manages a broad spectrum of financial products across its global branches. The SuMi TRUST NY Branch manages a $35 Billion USD portfolio of corporate debt investments in the United States, with an emphasis on stable income generation, with decades of proven business success. Our areas of expertise include leveraged loans, CLOs, middle-markets, corporate bonds and project financing. SuMi TRUST continues to strive towards excellence and future growth with dedication to our employees and customers.