FEDC Job Listing Management

Skip to Content

Job: Sr. DevSecOps Engineer

Home Job: Sr. DevSecOps Engineer

Refine your job search

Subscribe to our newsletter
Pax8

Sr. DevSecOps Engineer

Pax8

Job Description

Job Type: Full time, Salaried

Wage: $170,000/yr. 

Location: Remote, CO.

Job Description

Pax8 is the leading value-added cloud-based SaaS distributor, simplifying the cloud journey for our partners by integrating technology, business intelligence and proactive service to deliver an unparalleled experience. Serving thousands of partners through the indirect sales channel, our mission is to be the world’s favorite place to buy cloud products. We are a fast-growing, dynamic and high-energy startup organization, allowing you to make a meaningful impact on the business. Culture is important to us, and at Pax8, it’s business, and it IS personal. We are passionate, creative and humorously offbeat. We work hard, keep it fun, and expect the best.

We Elev8 each other. We Advoc8 for our partners. We Innov8 continuously. We Celebr8 life.

No matter who you are, Pax8 is a place you can call home. We know there’s no such thing as a “perfect" candidate, so we don’t look for the right "fit" – instead, we look for the add. We encourage you to apply for a role at Pax8 even if you don’t meet 100% of the bullet points. We believe in cultivating an environment with a diversity of perspectives, in hopes that we can all thrive in an inclusive environment.

We are only as great as our people. And we have great people all over the world. No matter where you live and work, you’re a part of the Pax8 team. This means embracing hybrid- and remote-work whenever possible.

Position Summary:


The Sr. DevSecOps Engineer is immersed in the Secure Software Development Life Cycle (SSDLC) bringing secure best practices to the table throughout the development of new and existing microservices. They work together with technical leadership and all Engineering teams to standardize security across Pax8 systems and ensure compliance is built into their lifecycle.

The Sr. Engineer uses security tools and frameworks (e.g., GitHub Security, Veracode, Snyk, SonarQube) to secure Pax8 development, delivery, and runtime environments (e.g., SDLC, CI/CD, docker containers, Kubernetes (EKS), Helm, GitHub Actions, Terraform). They help evolve and implement the security roadmap with tools such as GitHub Advanced Security and AWS security services. The Sr. Engineer advances security within our CI/CD capabilities so the engineering teams can securely deliver value to the business at an ever-increasing rate with a focus on high availability of the Pax8 developed and managed services. They are proactive and uses a decentralized approach to application security and is responsible for integrating security practices within a DevOps context, providing value and expertise from design, through the software development lifecycle and runtime environments. The Sr. Engineer works closely with development, operations, and security teams to implement security controls, identify and mitigate security vulnerabilities, and ensure compliance with relevant security standards and regulations within Pax8 environments.

Essential Responsibilities and Percentage of Time Spent (includes, but is not limited to):

  • Develops the technical approach for Security practices associated with deploying Microservice Architecture into AWS Automation of security compliance standards throughout the software stack from code commit to running applications (30%)
  • Uses an active, hands-on approach towards conducting security assessments to identify, curate, and perform work (30%)
  • Collaborates with architects to develop policies and procedures and provide direct support to the engineering teams while they adopt the security best practices for developed and managed services (25%)
  • Interfaces with the Security team especially during due diligence, SOC, and ISO27001 audits. Provides a comprehensive security stance for the engineering department and generates artifacts throughout the process. Mitigates non-conformant standards and automation of artifact collection (10%)
  • Participates in on-call rotations (5%)

Ideal Skills, Experience, and Competencies:

  • At least six (6) to nine (9) years of experience supporting the architecture, development, automation, testing, and maintenance of software infrastructure
  • Advanced technical knowledge of network web protocols, infrastructure, authentication, enterprise risk management, security engineering, communications and network security, identity and access management and incident response, especially within an AWS context, are critical to success in this role.
  • Familiarity with standard industry compliance frameworks such as ISO27001, SOC2, and experience participating in audit proceedings
  • Desirable candidates will have proven experience with software development and the SDLC Experience with CI/CD concepts and tools such as GitHub Actions, Runners, and Workflows
  • Design, review and create Pull Requests, Terraform, and Helm chart standards from a security perspective
  • Continued focus on application layer security approaches that accelerate development velocity Must be versed in AWS infrastructure and associated security toolkits (i.e., AWS Config, Guard Duty, Trusted Advisor, Control Tower)
  • Ability to integrate security tools with Security Operations Center (SOC) 
  • Competent in
    • Web Application Filter (WAF) methodologies and best practices
    • Code analysis tools and patterns (e.g., GitHub Security, Veracode, Snyk, SonarQube)
    • Kubernetes security practices and tools, such as OPA Gatekeeper or Twistlock
    • Application authorization security (e.g., SSO, SAML, OAuth)
    • Frontend and backend microservice familiarity
  • Ability to be hands-on and operate shoulder to shoulder with the Pax8 DevOps team
    • This a lead from the front, automation-oriented position
    • Designs and implements security controls within AWS which includes design, coding, testing, and deployment.
  • Skilled in programming/scripting languages: Bash, Python, AWS CLI, Java, and JavaScript
  • Solid Site Reliability Engineering experience
  • Highly proficient in the architecture of and integration of AWS services such as EKS, ElastiCache, AWS Elasticsearch Service, RDS and MSK
  • Highly proficient in troubleshooting production Kubernetes microservices
  • Highly proficient with log aggregation systems (such as Sumo Logic), APM tools (such as New Relic or Honeycomb), and AWS CloudWatch Subject-Matter
  • Expert in the design of Terraform modules and best practices of writing Terraform across multiple repositories and AWS accounts.
  • Expert in Agile methodologies using tools such as Jira, Wrike, LeanKit, Rally or similar
  • Strong presentation, written and verbal communication skills

Required Education & Certifications: A./B.S. in related field or equivalent work experience

Work Environment: Professional office environment. Routinely uses standard office equipment such as computers, phones, copy machines, printers, and filing cabinets. Remote and/or hybrid work at Pax8 requires all employees to have adequate, secure, and private internet service. Physical Demands: Sedentary role; primarily involves sitting/standing

Travel Requirements: Infrequent travel is expected of this position

Compensation: Qualified candidates can expect a salary beginning at $170,000 or more depending on experience 

*Note: Compensation is benchmarked on local Denver Metro area market rates. Qualified candidates in other locations can expect a salary package that may be adjusted based off applicable cost of wages in their respective location.

At Pax8 we believe that your Total Rewards should include a benefits package that shows how much we value our greatest assets. All FTE Pax8 people enjoy the following benefits:

  • Non-Commissioned Bonus Plans or Variable Commission
  • 401(k) plan with employer match
  • Medical, Dental Vision Insurance
  • Employee Assistance Program
  • Employer Paid Short Long Term Disability, Life and AD&D Insurance
  • Flexible, Open Vacation
  • Paid Sick Time Off
  • Extended Leave for Life events
  • RTD Eco Pass (For local Colorado Employees)
  • Career Development Programs
  • Stock Option Eligibility
  • Employee-led Resource Groups

Pax8 is an EEOC Employer.

**Disclaimer: The duties and responsibilities described above are not a comprehensive list and additional tasks may be assigned to the employee, time to time; the scope of the job may change as necessitated by business demands. Click “View Application” below for more detail on this specific job.

Application Link

View Application

Quick Response Team

The FEDC Quick Response Team is comprised of several local business people that know how to get projects started – bankers, lawyers, building officials, FEDC members and anyone else that might be able to represent the community and keep a prospect on track.

The Quick Response Team can help a new or relocating business to find instant help for their business.

 

CLICK HERE TO START

Business Begins Here...