DevSecOps Engineer
To see similar active jobs please follow this link: Remote Development jobs
Roadie, a UPS Company, is a logistics management and crowdsourced delivery platform. Founded in 2014, Roadie offers businesses fast, flexible and asset-light logistics solutions for last-mile delivery. Roadie enables local delivery to more than 95% of U.S. households by providing access to more than 200,000 independent drivers nationwide – allowing businesses to offer their customers delivery optionality for almost any industry, from airlines to artisans.
Under the supervision of the Head of TechOps, reporting to the Information Security team, the DevSecOps Engineer is responsible for supporting and implementing all aspects of secure SDLC, including patching vulnerabilities in libraries, code, and conducting security audits. You will work closely with our development, operations, and security teams to ensure that our cloud infrastructure and Kubernetes deployments are secure, scalable, and efficient. Your primary responsibility will be to integrate security practices into the CI/CD pipeline, automate security tasks, and ensure compliance with industry standards.
What You’ll Do
Work cross-functionally with the InfoSec, SRE, and Engineering teams
Keep up to date with current vulnerabilities in the DevOps space, patch, mitigate, or procure acceptance of the vulnerability by InfoSec standards
Check code and repositories for insecure coding practices and work with Engineering teams to remediate
Work closely with InfoSec to create and maintain Secure SDLC training
Conduct security based quality assurance on pre-deployment packages, and seek approval or denial of those deployments based upon security findings
Conduct security based quality assurance such as dynamic and static code testing
Work closely with Compliance and Engineering teams to conduct pre-project risk assessments
Implement security checks and practices within CI/CD pipelines to ensure secure code deployment and infrastructure
Develop automation scripts and tools to streamline security processes, including vulnerability scanning, patch management, and incident response
Conduct security training and awareness programs for engineering teams to promote a security-first culture
What You Bring
Bachelor's Degree in Computer Science/Engineering, or related work experience
3+ years devops or development experience in an enterprise environment
1+ years security, risk, or compliance experience
Strong knowledge of security tools and best practices, including vulnerability scanning (e.g., Nessus, Qualys), SAST/DAST, and container security tools
Proficiency with scripting and automation languages, especially IaC such as Terraform, Crossplane, etc
Experience with various development methodologies, tools, and CI/CD tools such as Bitbucket, Gitlab, Github, Circle CI, Travis CI, Argo CD, Azure DevOps
Security and DevOps certifications strongly preferred
Why Roadie?
Competitive compensation packages
100% covered health insurance premiums for yourself
401k with company match
Tuition and student loan repayment assistance (that’s right - Roadie will contribute directly to your existing student loans!)
Flexible work schedule with unlimited PTO
Monthly 3-day weekends
Monthly WFH stipend
Paid sabbatical leave - tenured team members are given time to rest, relax, and explore
The technology you need to get the job done
DevSecOps Engineer
To see similar active jobs please follow this link: Remote Development jobs
Roadie, a UPS Company, is a logistics management and crowdsourced delivery platform. Founded in 2014, Roadie offers businesses fast, flexible and asset-light logistics solutions for last-mile delivery. Roadie enables local delivery to more than 95% of U.S. households by providing access to more than 200,000 independent drivers nationwide – allowing businesses to offer their customers delivery optionality for almost any industry, from airlines to artisans.
Under the supervision of the Head of TechOps, reporting to the Information Security team, the DevSecOps Engineer is responsible for supporting and implementing all aspects of secure SDLC, including patching vulnerabilities in libraries, code, and conducting security audits. You will work closely with our development, operations, and security teams to ensure that our cloud infrastructure and Kubernetes deployments are secure, scalable, and efficient. Your primary responsibility will be to integrate security practices into the CI/CD pipeline, automate security tasks, and ensure compliance with industry standards.
What You’ll Do
Work cross-functionally with the InfoSec, SRE, and Engineering teams
Keep up to date with current vulnerabilities in the DevOps space, patch, mitigate, or procure acceptance of the vulnerability by InfoSec standards
Check code and repositories for insecure coding practices and work with Engineering teams to remediate
Work closely with InfoSec to create and maintain Secure SDLC training
Conduct security based quality assurance on pre-deployment packages, and seek approval or denial of those deployments based upon security findings
Conduct security based quality assurance such as dynamic and static code testing
Work closely with Compliance and Engineering teams to conduct pre-project risk assessments
Implement security checks and practices within CI/CD pipelines to ensure secure code deployment and infrastructure
Develop automation scripts and tools to streamline security processes, including vulnerability scanning, patch management, and incident response
Conduct security training and awareness programs for engineering teams to promote a security-first culture
What You Bring
Bachelor's Degree in Computer Science/Engineering, or related work experience
3+ years devops or development experience in an enterprise environment
1+ years security, risk, or compliance experience
Strong knowledge of security tools and best practices, including vulnerability scanning (e.g., Nessus, Qualys), SAST/DAST, and container security tools
Proficiency with scripting and automation languages, especially IaC such as Terraform, Crossplane, etc
Experience with various development methodologies, tools, and CI/CD tools such as Bitbucket, Gitlab, Github, Circle CI, Travis CI, Argo CD, Azure DevOps
Security and DevOps certifications strongly preferred
Why Roadie?
Competitive compensation packages
100% covered health insurance premiums for yourself
401k with company match
Tuition and student loan repayment assistance (that’s right - Roadie will contribute directly to your existing student loans!)
Flexible work schedule with unlimited PTO
Monthly 3-day weekends
Monthly WFH stipend
Paid sabbatical leave - tenured team members are given time to rest, relax, and explore
The technology you need to get the job done