We are looking for a passionate, collaborative and driven DevSecOps Engineer to join our team. You will be contributing the DevSecOps team within Risk and Security at HealthEquity. Influence and drive security standards alignment make recommendations on security risks, threats, and issues. Build relationships with technology and business leaders and SMEs to implement security controls consistent with the security programs mission.
• Bachelor’s degree, or the equivalent years related experience required
• 6+ years of combined hands-on experience securing Hybrid and Multi Cloud environments (Azure and AWS).
• 6+ years building/maintaining CI/CD pipelines
• Automation, scripting, and business intelligence experience highly preferred (Terraform, PowerShell, python, PowerBI, and API configuration experience)
• Knowledge and experience with leading information security frameworks and best practices (NIST Cybersecurity Framework, ISO27001/2, CIS Top 20 Controls, CSA CCM).
• Experience in consulting, advisory or assessment work preferred
• CISSP or similar security certification preferred
• Excellent interpersonal skills including the ability to interact effectively and professionally with individuals at all levels; both internal and external
• Team player capable of developing strong collaborative working relationships with internal partners and able to effectively engage and build consensus among cross-functional teams
• Demonstrate excellent communication and listening skills
• Operates with a commitment to customer service excellence
• Possess a sincere desire to learn, grow, and go beyond personal capabilities
• Must be able to manage multiple tasks/projects simultaneously within inflexible time frames
• Self-motivated with strong organizational skills and superior attention to detail
• Possess an in-depth knowledge of securing organizations, cloud-based resources, networks, systems, databases, applications, and processes
• Build strong relationships with other technical personnel so that they are willing to reach out for your opinion / thoughts / insight on security things
• Contribute to the overall direction/mission/purpose of the Technical Security team