DevSecOps Engineer

Join KUBRA's dynamic team as a DevSecOps Engineer! We are on the lookout for a passionate professional to spearhead the integration and maintenance of robust security measures across every stage of our software development lifecycle. Your expertise will be crucial in fortifying the confidentiality, integrity, and availability of KUBRA’s cutting-edge public cloud and Kubernetes-based platform.

In this pivotal role, you will collaborate with our talented DevOps team and cross-functional departments to ensure that our architectural strategies, controls, and processes are not only fit for purpose but elevate the enforcement of KUBRA's security policies. Your efforts will also ensure compliance with industry-recognized standards such as SOC2 and PCI-DSS. Let's innovate and secure the future together at KUBRA!

What you get to do everyday!

• Implement security controls and best practices across CI/CD pipelines
• Ensure vulnerability assessments (including DAST and SAST) are part of every SDLC step.
• Provide security guidance to product engineering teams building software applications in compliance with industry standards (PCI-DSS, NIST, CIS, OWASP) in public cloud environments
• Provide architectural security guidance to DevOps team building cloud infrastructure in compliance with industry standards (PCI-DSS, NIST, CIS, OWASP) in public cloud environments
• Collaborate with development teams to implement secure coding practices
• Implement measures to improve security of software supply chain
• Develop best practices and security standards for KUBRA Cloud Platform
• Work with KUBRA Risk and Compliance team to support risk assessments by proactively providing mitigations to identified risks
• Work with KUBRA Security team to build appropriate threat models for KUBRA Cloud Platform services
• Maintain vulnerability and patch management processes inline with KUBRA security policy
• Work with KUBRA Security Operations team for incident response as necessary
• Identify opportunities and arrange for updated security training for KUBRA DevOps and Cloud Platform Engineering teams when appropriate

What kind of person you should be!

• You practice ‘Security as Code’ to ensure security baked in and automation.
• Highly organized and responsible.
• Maintain awareness of trends and changes in the Cybersecurity industry and threat landscape.
• Excellent written and verbal communications skills and an ability to maintain a high degree of professionalism in all client communications.
• Ability to influence others, build relationships, manage conflicts, and handle negotiations.
• Understanding and following the business strategy, objectives, and adjusting to performance metrics.
• Excellent, time management, problem-solving, and analytical skills.
• Ability to handle pressure and focus on results.

What you can expect from us!

• Award-winning culture that fosters growth, diversity and inclusion for all
• Paid day off for your birthday
• Free LinkedIn Learning subscription
• Bi-annual performance-based bonuses
• Continued education with our education reimbursement program
• Flexible schedules
• Free unlimited access to our refreshment stations (fully stocked with tea, coffee and other beverages)
• Two paid days for volunteer opportunities
• Free on-site Fitness center
• Access to a ‘Tickets at Work’ membership
• A free premium membership for ‘Headspace’; an app geared towards mental health and wellbeing
• 401k Matching

What skills do you need?

• Experience in public cloud is required (AWS, Azure, GCP)
• At least 3-5 years of experience in Cyber Security roles with a preference in the engineering field.
• Experience work with software development or devops teams is preferred.
• Experience in systems or network administration is preferred.
• Experience working with industry standard regulations and compliance frameworks (PCI-DSS, ISO, NIST, SANS, SOX, SOC II, HIPAA)

Equal Employment Opportunity: KUBRA is committed to the principles of equal employment opportunity. We do not discriminate in hiring on the basis of sex, gender identity, sexual orientation, race, color, religion, creed, national origin, physical or mental disability, protected veteran status, or any other characteristic protected by federal, state, or local law. We will provide accommodations during the recruitment process upon request by emailing [email protected]. Information received relating to accommodation will be addressed confidentially.

We thank all applicants for their interest; however, only candidates under consideration will be contacted.

While we value the skills and experiences listed in our job requirements, we also recognize that talent comes in many forms, and welcome applications from candidates who meet most but not all specified requirements. If you possess a strong desire to learn and grow in a dynamic work environment, apply now!

KUBRA is a fast-growing company that delivers customer communications solutions to some of the largest utility, insurance, and government entities across North America. KUBRA offers billing and payments, mapping, mobile apps, proactive communications, and artificial intelligence solutions for customers. With more than 1.5 billion customer interactions annually, KUBRA services reach over 40% of households in the U.S. and Canada. KUBRA is an operating subsidiary of Hearst.

Our office is small enough to allow creative individuals to flourish, yet large enough to provide long-term stability. We place a tremendous amount of responsibility on our team members to be productive, focused and self-motivated. We offer a casual work environment, competitive compensation and a stellar benefits program. 

KUBRA does not typically provide immigration-related assistance, including employment-based work visa (e.g. H-1B) sponsorship, work permit applications and extensions, permanent residence (green card) sponsorship, LMIA applications or permanent residency nominations. Candidates must ensure they have legal authorization to work in the U.S/ Canada. All sponsorship determinations are case by case based on business need.