Senior DevSecOps Engineer

This is a fully remote position, open to applicants in Costa Rica.

📋 Description

• Collaborate with DevOps teams to design, implement, and uphold secure CI/CD pipelines that incorporate security testing throughout the software development lifecycle.

• Execute automated security scanning that includes SAST, DAST, SCA, and container scanning.

• Deploy and provide support for API Security tools.

• Guarantee that tools consistently report to an aggregator.

• Work alongside development teams to advocate for secure coding practices and offer security guidance during the development process.

• Ensure adherence to industry standards pertinent to the travel sector, including PCI-DSS, GDPR, and SOC 2.

• Guide junior engineers and foster a security-first culture within engineering teams.

⛳️ Requirements

• A minimum of 5 years of professional experience in software development.

• Proven expertise in at least one major programming language (Python, Go, Java, JavaScript/TypeScript, or similar).

• Over 3 years of hands-on experience in DevSecOps or Security Engineering.

• Strong understanding of OWASP.

• Extensive cloud security knowledge with at least one leading cloud service provider (AWS, Azure, or GCP).

• In-depth knowledge of API Security and related security tools (Salt, Akamai, Cloudflare, or similar).

• Comprehensive understanding of cloud-native security, including IAM, network security, encryption, secrets management, and compliance frameworks.

• Proficient with CI/CD tools (Jenkins, GitLab CI, GitHub Actions, CircleCI, or similar).

• Experience with Infrastructure as Code tools (Terraform, CloudFormation, Ansible, or similar).

🏝️ Benefits

• Flexible benefits customized for each country, commencing on your first day.

• Health and welfare insurance plans.

• Retirement programs.

• Parental leave.

• Adoption assistance.

• Wellbeing resources available to support you and your immediate family.