Senior DevSecOps Engineer

| Remote
Sorry, this job was removed at 2:46 p.m. (EST) on Wednesday, July 17, 2024
Find out who’s hiring remotely
See all Remote jobs
Easy Apply
By clicking Apply Now you agree to share your profile information with the hiring company.

Madhive is the leading tech company engineered for modern TV advertising. Advertisers seamlessly customize and automate the OTT buying process into an operating system with our self-service platform. Powered by our industry-leading bidder and device graph that processes 260 billion available ad opportunities per day, we deliver precise, brand-safe, audience connections efficiently at scale.

We are seeking an experienced Senior DevSecOps Engineer to join our Cybersecurity team. The successful candidate will enhance our security posture by focusing on the key functions of Protect, Detect, and Respond as outlined by the NIST Cybersecurity Framework. You will drive improvements in our CI/CD security, Cloud security, Attack Surface management, and Incident Response capabilities.

In this role, you will be a pivotal figure in shaping our cybersecurity strategy and execution. Collaboration with our development, operations, and product teams will be central to your responsibilities.

What you’ll do:

Protect:

  • Implement and manage safeguards to protect the organization’s cybersecurity assets.

  • Ensure the security of CI/CD pipelines through practices like static application security testing, security composition analysis, and version control system hardening.

  • Enhance secrets management with secure storage solutions and robust access controls.

  • Manage and secure container images through regular scanning and vulnerability assessments.

  • Conduct infrastructure and code vulnerability management; and cloud misconfiguration management to ensure secure cloud infrastructure.

  • Implement Robust Secret Management practices securely storing, accessing, and rotating secrets.

  • Implement automated remediation workflows for vulnerabilities and misconfigurations.

  • Conduct a thorough review of organization policies and align them with security best practices and compliance requirements.

    Detect:

  • Develop and implement threat management strategies and tools, including continuous monitoring.

  • Implement runtime security solutions to protect cloud workloads and instances from vulnerabilities and exploits.

  • Enhance cloud threat event monitoring using advanced analytics.

  • Deploy and manage Security Incident and Event Management (SIEM) solutions to centralize security event data.

  • Integrate threat intelligence feeds to identify emerging threats.

  • Strengthen network protection with Web app firewalls, intrusion detection systems (IDS), security based proxies, etc.

  • Enhance data loss prevention (DLP) capabilities to protect sensitive data from unauthorized access and exfiltration.

    Respond:

  • Create and maintain an Incident Response Plan based on the NIST Computer Security Incident Handling Guide.

  • Establish and manage an on-call rotation for incident triage and escalation.

  • Conduct incident analysis and digital forensics to understand and mitigate cybersecurity incidents.

  • Implement routine threat hunting activities based on threat intelligence and internal signals.

  • Develop incident response procedures and forensics capabilities to investigate security incidents, collect evidence, analyze root causes, and implement remediation measures to prevent recurrence.

Who you are:

  • 7+ years of experience in DevSecOps, Cloud Security, or a related role.

  • Industry recognized certification in Security, Cloud, or DevOps such as: CISSP, Sec+, SANS GIAC, OSCP, CCSP, AWS, GCP, CKS, Terraform, etc.

  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field AND/OR relevant military cybersecurity training

  • Expertise in securing CI/CD pipelines ​​incorporating automated security testing, vulnerability scanning, and compliance checks. 

  • Strong understanding and experience securing cloud platforms (GCP, AWS) and related security tools.

  • Strong experience with infrastructure as code (IaC) and configuration management tools such as Terraform, CloudFormation, or Ansible.

  • Solid understanding of containerization and orchestration technologies (e.g., Docker, Kubernetes, OpenShift, GKE, EKS) and securing containerized applications.

  • Hands-on experience with security tools for static code analysis, dynamic application security testing (DAST), and vulnerability scanning.

  • Strong skills in scripting languages (e.g., Python, Bash) for automation and tool integration.

  • Proficiency in Attack surface management, Cloud Security Posture Management and Vulnerability Management

  • Knowledge of incident response, threat hunting, and digital forensics.

  • Familiarity with compliance standards such as NIST, GDPR, and SOC1/2/3.

  • Excellent problem-solving skills and the ability to work in a fast-paced environment.

  • Strong communication and collaboration skills.

We are Madhive

We empower our clients to create enduring relationships with consumers through maximum-fidelity, TV-first technology that elevates media, embodies relentless innovation, and ensures unrivaled revenue acceleration.

Madhive is a dynamic, diverse, innovative, and friendly place to work. We embrace our differences and believe they fuel our creativity. We come from varied backgrounds and think that’s important. Whether it’s taking ideas from previous lives and applying them in different ways or creating something completely new, we are all trail-blazing team players who think big and want to make an impact. 

We are committed to cultivating a culture of inclusion and collaboration. We welcome diversity in education, culture, opinions, race, ethnicity, gender identity, veteran status, religion, disability, sexual orientation, and beliefs.

Please be advised that we will NOT be using third-party recruiting agencies for this search.

Read Full Job Description
Easy Apply
By clicking Apply Now you agree to share your profile information with the hiring company.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
  • People Operations
    • GolangLanguages
    • JavascriptLanguages
    • PythonLanguages
    • SqlLanguages
    • TypeScriptLanguages
    • SvelteLanguages
    • ReactLibraries
    • DockerFrameworks
    • gRPCFrameworks
    • KubernetesFrameworks
    • Node.jsFrameworks
    • TensorFlowFrameworks
    • TerraformFrameworks
    • BigQueryDatabases
    • FirebaseDatabases
    • Neo4jDatabases
    • NoSQLDatabases
    • PostgreSQLDatabases
    • RedisDatabases
    • GitHubServices
    • Google CloudServices
    • Google AnalyticsAnalytics
    • LookerAnalytics
    • TableauAnalytics
    • CanvaDesign
    • FigmaDesign
    • IllustratorDesign
    • MiroDesign
    • PhotoshopDesign
    • AirtableManagement
    • AsanaManagement
    • BasecampManagement
    • ConfluenceManagement
    • Google DriveManagement
    • Google DocsManagement
    • Google SlidesManagement
    • JIRAManagement
    • Microsoft ProjectManagement
    • Monday.comManagement
    • ContentfulCMS
    • DocuSignCRM
    • LinkedIn SalesNavigatorCRM
    • SalesforceCRM
    • MarketoLead Gen
    • SlackCollaboration
    • ZoomCollaboration
    • Monday.comProject Management
    • TrelloProject Management
    • Airtable Project Management

Location

Our office is located in the Financial District, a cool and chic neighborhood with beautiful parks, delicious restaurants, and trendy vibes! Centrally located with a variety of subway and bus lines nearby, our office is perfect for commuters coming from all over the Tri-State Area.

An Insider's view of Madhive

How would you describe the company’s work-life balance?

Work-life balance has been made a priority since I started at Madhive, made clear by managers, directors, and senior leadership. Beyond flexible working hours, and encouraged time off, Madhive understands and accepts the necessity of flexibility in people’s lives. Teams consistently jump in and support through the planned and unplanned life events.

Louis

Associate, Client Success Mgr

How do you collaborate with other teams in the company?

I love how Madhive prioritizes maintaining the small company dynamic while continuing to grow. I constantly find myself collaborating with colleagues across all facets of the company and working on various projects stemming from outside of the Product Org. This unique exposure to different viewpoints and backgrounds makes everyday unique and fun!

Scott

Senior Manager, Data Solutions

How does the company support your career growth?

Madhive allocates $1k/year for Professional Development, allowing me to take courses and certifications to strengthen my skills. Leaders ask about my career goals, leverage 1:1s and Performance Reviews to help me set attainable goals. Everyone is focused on learning and improving, and they are all so generous with their knowledge and support!

Mariya

Manager, Agile Coach

How do you empower your team to be more creative?

Our core value 'Embody the Maverick Mindset' highlights that creativity and bold decision making is fundamental to who Madhive is as an organization. Leaders are hired to work in service of their teams and give individuals the space to own their roles and innovate. We are coaches and sounding boards to bring out the best in our people.

Stephanie

Chief People Officer

What are some social events your company does?

Madhive's social calendar is very active! With team specific and company-wide events, both virtual and in-person, there is always an opportunity to connect and build relationships across the company. Lunch Roulette, Trivia nights, creative happy hours, and more, allow for you and your coworkers to have fun and get to know one another better!

Carolyn

Employee Engagement Associate

What are Madhive Perks + Benefits

Madhive Benefits Overview

Madhive is a dynamic, diverse, innovative and friendly place to work. We embrace our differences and believe they fuel our creativity. We come from varied backgrounds and know that’s important to achieving success. But whether it’s taking ideas from previous experiences and applying them in different ways or creating something completely new, we are all trail-blazing team players who think big and strive to make an impact.

Culture
Volunteer in local community
Madhive hosts initiatives all year round for our employees to volunteer, donate, and get involved with the local community, such as an in office backpack drive or a trip to the soup kitchen.
Partners with nonprofits
Madhive partners with organizations across a variety of causes, inclusive of Hunger Relief Efforts, Civil Rights Groups and more.
Open door policy
OKR operational model
Team based strategic planning
Pair programming
Open office floor plan
Employee resource groups
Hybrid work model
Employee awards
Flexible work schedule
Madhive offers a flexible schedule to support working parents.
Remote work program
Our flexible remote work program allows employees to work from home as needed.
Diversity
Mean gender pay gap below 10%
Diversity employee resource groups
We have ERGs dedicated to the AAPI & LGBTQ+ communities, moms and women, with more launching soon. Madhive fully supports employees who want to create any ERG so they have a safe space to connect.
Hiring practices that promote diversity
We are proud to be an equal opportunity employer with a focus on inclusive culture and diversity.
Health Insurance + Wellness
Flexible Spending Account (FSA)
Madhive employees can choose to contribute annually to their FSA or Health Care Savings Account (HSA) depending on the health care plan they enroll in.
Disability insurance
Madhive provides all full-time employees with Short-Term and Long-Term Disability insurance coverage of up to 50% of your earnings.
Dental insurance
Madhive's dental plans all cover 100% of the cost of preventative care, including a high option plan that has a $3,500 annual benefit maximum for dental and $3,500 lifetime maximum for orthodontia.
Vision insurance
The vision benefits include a low exam copay for in-network providers and covers a portion annually toward frames.
Health insurance
Madhive covers up to 100% of premiums for individual employees and their dependents for a variety of plans that includes no or low deductible options.
Life insurance
Madhive provides employees with basic term life and AD&D insurance coverage in the amount of $50,000. Supplemental plans are also available for a small fee.
Pet insurance
Madhive employees can enroll in MetLife pet insurance for managing costly veterinarian expenses including accidents, illness, and wellness. You can enroll in pet insurance at any time during the year
Wellness programs
Madhive offers a variety of wellness initiatives for employees to participate in such as Yoga, Meditation, Soundbath, and Vision Board workshops.
Team workouts
Madhive offers group workouts such as yoga, and a gym for all employees to utilize, free of cost, at our NYC Office.
Mental health benefits
Madhive partners with TriNet to provide mental health programs to all full-time employees through medical insurance. We also offer an Employee Assistance Program.
Abortion travel benefits
Madhive partners with Carrot Fertility to offer abortion travel reimbursement for those states impacted.
Financial & Retirement
401(K)
Employees can enroll for a 401k at anytime through the Empower website linked via TriNet. There is no vesting schedule, fully vested 100% from day one.
401(K) matching
Madhive offers a 401(K) matching plan for FTE. Madhive will match 100% of contributions up to 5%.
Company equity
Madhive offers equity to its' full-time employees. The option will vest monthly over four years with a one-year cliff.
Performance bonus
Madhive's bonus structure varies each year based on both company performance and the financial goals of the company. Percentages are performance based to ensure an equitable distribution of the funds.
Child Care & Parental Leave
Generous parental leave
Primary caregivers may be eligible for 12 weeks of paid leave; secondary caregivers may be eligible for 4 weeks of paid leave. Our unlimited PTO provides flexibility for parents who do not qualify.
Family medical leave
Eligible employees can take up to twelve (12) weeks a year. Employees may take PFL leave continuously or in full day increments intermittently.
Adoption Assistance
We offer employees Carrot Health and Family Planning Benefits up to $10,000 lifetime benefit towards adoption assistance.
Company sponsored family events
Madhive hosts an annual Bring your Kid(s) to work day.
Fertility benefits
Madhive partners with Carrot Fertility to provide family planning benefits up to a $10,000 lifetime benefit.
Vacation + Time Off
Unlimited vacation policy
Paid volunteer time
Madhive offers Paid VTO (Volunteer Time Off) one day per calendar year to encourage employees to give back to their communities.
Paid holidays
Paid sick days
Madhive provides ALL employees with paid sick and safe leave in accordance with all applicable state and local laws.
Flexible time off
Bereavement leave benefits
Company-wide vacation
Madhive offers at least 16 company-wide paid days off. This includes the final week of the year, as a company-wide vacation.
Office Perks
Commuter benefits
Madhive offers pre-tax commuter benefits for all employees for transit.
Company-sponsored outings
Madhive is proud to offer an annual Summer Celebration as our company-wide gathering for all full-time employees to come together and celebrate our accomplishments.
Free daily meals
Madhive offers a daily $25 GrubHub Lunch credit for employees working from the Madhive HQ.
Free snacks and drinks
Madhive HQ has a fully stocked kitchen and pantry including an unlimited variety of snacks and beverages.
Some meals provided
Madhive offers monthly social dining for employees both in person and remote.
Company-sponsored happy hours
Happy hours are hosted monthly in our NYC office, off-site and virtually for remote employees.
Pet friendly
Madhive's HQ is pet-friendly and fully equipped with dog beds and treats!
Recreational clubs
Madhive hosts Summer sports leagues, most recently, kickball!
Relocation assistance
For some roles we offer relocation assistance. We also offer the option to work from home for most positions. Around 40% of our employee’s work remotely for Madhive in states across the country.
Home-office stipend for remote employees
Madhive offers all full-time employees a $1,000 Home Office Stipend in order to be fully equipped with an at-home office.
Meditation space
Mother's room
Onsite gym
Professional Development
Job training & conferences
Madhive fosters a culture of perpetual growth by offering a $1,000 Professional Development Benefit to provide employees with the opportunity to challenge themselves and push their careers forward.
Tuition reimbursement
Madhive offers employees a $1,000 Professional Development Benefit, which can be applied to tuition.
Lunch and learns
Madhive offers lunch and learns on a variety of topics in order to provide ongoing learning opportunities for our employees.
Promote from within
Continuing education stipend
Madhive fosters a culture of perpetual growth by offering a $1,000 Professional Development Benefit to provide employees with the opportunity to challenge themselves and push their careers forward.
Online course subscriptions available
Customized development tracks
Paid industry certifications
Madhive fosters a culture of perpetual growth by offering a $1,000 Professional Development Benefit to provide employees with the opportunity to challenge themselves and push their careers forward.
Apprenticeship programs
Madhive offers an annual paid Summer Internship Program

Additional Perks + Benefits

Every year we reevaluate our benefits programs and perks and consider what we want to change or add in order to ensure we provide the best possible experience for our employees. For example, this past year we partnered with Carta to provide a tax-advisory benefit for employees which provides unlimited free 1:1 tax-advisory sessions with a tax attorney or CPA.
We believe that in order to ensure we are providing our employees with a phenomenal experience we must lead with empathy, honesty and accountability. Our grass rooted Employee Resource Groups provide amazing opportunities for group members and allies to get involved within the community, learn and have fun. We currently have 6 ERGs and that number continues to grow.

More Jobs at Madhive

Easy Apply
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about MadhiveFind similar jobs like this