Senior DevSecOps Engineer (#2632)

Our client is a leading holding company specializing in digitalizing car claims using AI to enhance the customer experience. Their central platform connects various providers to streamline the customer journey, making the process more efficient and user-friendly.

We leverage cutting-edge technologies to maintain and secure our infrastructure:

• Cloud Platform: AWS with Kubernetes for deploying our microservices architecture.
• Monitoring & Logging: Datadog for comprehensive observability.
• Security: Cloudflare Zero Trust to secure access to internal resources.
• Data Insights: Snowflake and AWS for advanced data analytics.
• Security Posture: Prisma Cloud from Palo Alto for enhanced security measures.

Responsibilities:

• Prisma Cloud Configuration: Set up compliance frameworks and create alerts for relevant security information. Ensure that security best practices are followed across all cloud services.
• Infrastructure Development: Support infrastructure as code initiatives using Terraform. Collaborate with teams to automate and streamline operations.
• Identity Management: Audit and configure identity providers such as Okta an Microsoft Entra ID to ensure secure access management.
• Security Review: Conduct the yearly security review mandated by our parent company, Allianz SE, which includes a comprehensive 300-question assessment.
• Continuous Improvement: Stay abreast of the latest security threats and solutions. Provide actionable insights and recommendations for enhancing security measures.
• Collaboration: Work closely with development, operations, and data teams to integrate security into the software development lifecycle (SDLC).

What We Are Looking For:

• Startup Mindset: Proactive and innovative with the ability to anticipate needs and suggest improvements without waiting for direction.
• Cloud Security Expertise: Strong understanding of cloud architecture, with a focus on identifying and mitigating security vulnerabilities.
• Networking Knowledge: Proficient in networking concepts including IP, routing, SSL, firewalls, and web application firewalls.
• DevOps with a Security Focus: A DevOps professional with a solid security background, capable improving our infrastructure as code resources to be more secure. Ability to participate to the infrastructure improvement (creation of new modules)
• Regulatory Compliance: Ability to understand security requirements from ISO (Information Security Officer) and translate them into technical requirements on AWS and Prisma Cloud and realize the implementation.
• Infrastructure as Code: Experience with tools like Terraform and GitLab for managing infrastructure and CI/CD processes.
• Certifications: AWS Security Specialist or Palo Alto PCCSE certification is highly appreciated and a plus.
• Follow the Latest Security Reports: Stay up-to-date with the latest security threats and vulnerabilities. Use Prisma Cloud to create relevant alerts when issues are detected and prioritize risks based on their potential impact.