Senior DevOps Engineer
At Opal, we believe enterprise software should be beautiful, simple and designed for the job at hand. The Opal platform empowers marketing teams to collaborate within a dedicated environment to plan, visualize and deploy campaigns across all marketing channels, reducing complexity and aligning teams for better marketing results.
Our team is deeply invested in encouraging a culture that promotes design thinking, collaboration, and a passion for excellence. We work together as a team to revolutionize the modern marketing organization.
About the Job
Opal is seeking a Senior DevOps Engineer who is excited to work on a robust suite of web and mobile applications, allowing creative teams to collaborate and thrive in fast-paced environments at Fortune 500 brands and agencies all over the world.
The Senior DevOps Engineer improves the robustness of Opal security practices, compliance, tools, and infrastructure, helping our engineering teams maintain the sky-high level of trust our organization has built with customers across the globe.
The ideal candidate enjoys being in both the DevOps and Security realms. This will be a unique role at Opal. Success in this role means that the candidate improves both our DevOps and Security footprints. A great candidate would also drive to be a leader on our Platform Operations team by guiding the team to best practices and uplift other Engineers by leveraging previous experience and sharing knowledge. The Engineer in this role should enjoy a wide scope of tasks between DevOps and Security.
Some of the key themes that this role will focus on are cloud and datacenter architectures, CI/CD automation, incident response, monitoring and threat detection, remediation, training, access control, application security, infrastructure and automation security and best practices, cloud security, data security, forensics, hardening, and secure development.
- Develop hardening guidelines and review security configurations related to Linux/Unix hosts, Cloud technology deployments and common web application frameworks
- Help security harden a stack of technologies including: Terraform, Docker, AWS, Azure, Google Cloud, Ansible, Vagrant, Jenkins
- Administer and maintain credentials for a variety of infrastructure and services
- Maintain, protect, and administer data storage systems including security, encryption, and GDPR compliance
- Build tools, systems, and processes that allow your fellow engineers to ship world-class software as quickly and efficiently as possible
- Architect, support, test, and maintain CI/CD pipelines (Blue/Green experience, is a plus)
- Working closely with QA, Platform, Operations, and Experience/UI teams to automate and improve security in workflows
- Advise, and support best practices with a security mindset for a variety of technologies
- Taking part in product brainstorms to help think up the next big thing and bring a strong security stance along the way.
- Lending a helping hand, or ear, whenever necessary
- Be a leader in documenting, educating, and de-siloing of information and process
- Be a champion of supporting customer needs and finding short-term ways to fill those needs
- Work with other members of the Technical Operations team to determine and implement changes to the company's network defense posture
- Provide security domain expertise on protective controls, to include system, network, encryption, storage, and authentication services
- Perform forensics research, Root Cause Analysis, and provide incident response
- Document and create requirements around best practices for security systems and architectures for cloud and on-premise web applications
- Ability to research, document and implement best practices for new platforms adopted by different departments.
- Act as point (for the Product team) for all activities supporting key security certifications and the associated audits (i.e. ISO 27001, SOC 2, etc.).
- Develop technical solutions and select or build new security tools to mitigate vulnerabilities.
- Communicate with management and/or customers regarding threats, risks, assessments, and issues.
- Effectively communicate security remediation strategies.
- Build security monitoring systems from the ground up as new technologies become implemented.
Software Engineering + Security
- Ensure the security of architecture, design, development, coding and configuration of both existing systems as well as new initiatives and enforce security policies.
- Discover and plan remediation for application vulnerabilities in the ruby/rails platform.
- Coach fellow engineers on best practices for maintaining security throughout the software development lifecycle.
- Document and communicate discovered issues; work with teams to resolve them in a manner which improves security and encourages agility
- Research best practices for a variety of technologies and document / advise on solutions for security for multiple teams.
Skills, Experience, Qualifications:
- 8+ Years of DevOps / SecOps / DevSecOps experience supporting enterprise-grade web applications
- Strong ability to gather and present data to support ideas, projects, and opinions
- AWS ecosystem mastery
- Strong understanding of modern web application architectures, both service-oriented and monolithic, ideally focused around Ruby-on-Rails and Elixir
- Experience with infrastructure as code and technologies behind it (Terraform preferred)
- Experience working with production web applications on cloud-based hosting and containerized technologies like Docker.
- Experience managing internal privacy and security certifications such ISO 27001, SOC 2 and GDPR
- Experience implementing Web Application Scanning platforms
- Proven ability to act as an internal champion for security within engineering teams
- Static code analysis experience across a broad swatch of languages
- Demonstrated ability to engineer security into full stack architectures on next-generation cloud and container platforms
- Detailed understanding of security industry standards and frameworks from OWASP, CIS and NIST
- Proven ability to manage projects, gaining consensus and buy-in cross functionally
- Proven ability to drive initiatives with diplomacy and empathy
- Knowledge on load balancers, network device authentication, firewalls, network segregation, VPNs, Security Information and Event Management
- Natural alignment with Opal’s Values: Professional, Intentional, Steadfast, Helpful, Creative, Passionate, and Empathetic
Benefits of Being an Opal Employee Include:
- Competitive compensation and stock options
- Company paid individual Health, Dental, and Vision benefits, including Disability and Life Insurance
- Flexible Paid Time Off and Paid Holidays
- Paid Maternity/Parental Leave
- Flexible Spending Accounts (FSA) - Medical, Dependent Care, Transit, Commuter
- 401(k) and Roth retirement plans
- Company-sponsored outreach & activity programs
- A beautiful office space with plenty of snacks, Stumptown coffee, and friendly coworkers
Opal is an equal-opportunity employer and committed to creating an inclusive and diverse environment. We believe a diverse workplace promotes innovation and enhances decision making. We encourage applications from all qualified candidates and will consider all applicants without regard to race, color, religion, gender identity or expression, national origin, sexual orientation, disability, age, or veteran status.