Key skills
PythonGoSQLRBashPowerShellAIAWSAzureGCPTerraformKubernetesAnsibleAKSCloudFormationAzure SQLApp ServiceAzure ADVersion ControlCI/CDNetwork SecurityCloud SecurityWAF
About this role
Varonis secures AI and the data that powers it. The role of DevSecOps Engineer involves ensuring the security and reliability of cloud platforms by managing various cloud security aspects.
Responsibilities:
- Be a key member of our global R&D DevOps team, responsible for securing a diverse production environment based on Microsoft Azure, powering a data security platform
- Own the end-to-end development and implementation of platform security features, ensuring they are fully integrated into our cloud environments
- Design and implement secure cloud networks and infrastructure for complex pre-production and production environments
- Establish and enforce DevSecOps best practices within our CI/CD pipelines and automation processes
- Take an active role in reviewing and guiding other DevOps engineers on all aspects of security, providing mentorship and ensuring that security best practices are followed across the team
- Continuously monitor applications and infrastructure for security vulnerabilities, coordinating prompt remediation efforts
- Research and implement new cloud security services, open-source tools, and technologies to enhance security posture
- Collaborate closely with R&D engineering teams in designing and implementing new security features and ensuring that security requirements are incorporated from the outset
Requirements:
- Hands-on experience as a DevSecOps engineer with a deep understanding of network security, including Firewalls, WAF, PKI, SIEM, Endpoint Security, IDP, application security, and more
- Extensive experience with at least one major public cloud platform (Azure, AWS, or GCP)
- Solid experience with Infrastructure as Code (IaC) and Configuration Management (CM) tools such as Terraform, CloudFormation, and Ansible
- Proficiency in coding with scripting languages such as PowerShell, Bash, Python, Go, or equivalent
- In-depth understanding of DevOps practices, CI/CD pipelines, version control systems, and embedding security controls into their lifecycle
- Strong expertise in Linux or Windows systems and related IT technologies
- Eagerness to learn and grow with the role, adapting to new challenges and technologies as the position evolves
- Experience with various Azure services such as Service Fabric, AKS, Virtual Machine Scale Sets, Virtual Networks, Azure SQL, Azure AD, App Service, Function Apps, ACI, etc
- Familiarity with application security testing tools such as SAST, DAST, IAST
- Experience with Kubernetes, containers, and microservices architecture