Principal Cloud DevSecOps Engineer (Will Consider Remote)
- B.S./B.A.in Computer Engineering/Science or technically related
- Minimum of 7 years of relevant experience, or advanced degree with a minimum of 5 years relevant experience
- Familiarity with common VM protection methodologies:
- Virus/malware scanning technologies such as Trend Micro, Symantec, etc.
- Vulnerability scanning and management tools such as Rapid7, etc.
- Endpoint protection solutions such as CrowdStrike, FireEye, etc.
- Experience assessing security issues/risks in open source with security tools like Black Duck or WhiteSource
- Experience working with CVE scoring system to prioritize remediation of issues
- Knowledge of PKI infrastructure and management of certificate authorities and automating the distribution of certificates
- Experience working with cloud vendor HSM and secrets management technologies – how to manage, how to use securely in day to day application use cases, management of cloud based and on-prem.
- Programming expertise - can write scripts from scratch in Python, bash or similar language
- Experience with monitoring tools such as Splunk, AppDynamics, DataDog, etc. from the perspective of a SIEM
- Working knowledge of Cloud provider security monitoring tools – Guard Duty, AWS Inspector, AWS Security Hub, Azure Security Center
- Monitoring and managing cloud environments for changes in their security posture and detection of external threats using
- Logs
- Cloud vendor best practice recommendations
- Managing environments to standards such as HIPAA, CIS, NIST, CSA, GDPR, etc.
- Experience working in an Agile team setting
- Experience working with a secure software development lifecycle
- DevSecOps Engineer Certification, AWS Devops Engineering professional, AWS Certified Security specialist, or similar.
- Experience managing cloud scalability or a mission critical environment
- Experience in deploying/managing software to on-premises, co-located, cloud, and hybrid cloud
- Hands-on experience developing and maintaining CI/CD automation processes & pipelines
- Well-developed social skills to build alliances around DevOps goals and accelerate processes
- Excellent attitude and aptitude with demonstrated strategic mindset that can drive change
- Knowledge of containerized protection methodologies:
- Container scanning such as Twistlock, Aqua, etc.
- Securing Kubernetes worker nodes
- Active container monitoring
- Knowledge of Spiffe and Spire concepts a plus
- Hands-on experience developing dashboards/alerting via CSP native and ELK tools
Together, we can change healthcare worldwide. At Medtronic, we push the limits of what technology, therapies and services can do to help alleviate pain, restore health and extend life. We challenge ourselves and each other to make tomorrow better than yesterday. It is what makes this an exciting and rewarding place to be.
We want to accelerate and advance our ability to create meaningful innovations - but we will only succeed with the right people on our team. Let’s work together to address universal healthcare needs and improve patients’ lives. Help us shape the future.
Physical Job Requirements
The physical demands described within the Responsibilities section of this job description are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. For Office Roles: While performing the duties of this job, the employee is regularly required to be independently mobile. The employee is also required to interact with a computer, and communicate with peers and co-workers. Contact your manager or local HR to understand the Work Conditions and Physical requirements that may be specific to each role. (ADA-United States of America)