Skip to content

DevSecOps Engineer - Cloud Security

At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.

Summary:

Northwestern Mutual is looking for enthusiastic technologists who want to grow their career in DevSecOps – Cloud Security! In this position, you will work with multi-functional teams while demonstrating a set of diverse technologies and an automation first approach to strive towards improving the efficiency and effectiveness of our DevSecOps program with a focus on Cloud Security. This role requires experience in public cloud and an exceptional level of passion for cloud-native technology with a consistent track record of self-motivated accomplishment. This is a great opportunity to build upon technical experience in cloud security engineering!

Responsibilities:

  • Engineer solutions with a focus on automation to reduce manual/repetitive tasks

  • Guide and advise application and engineering teams in the area of Cloud Security

  • Operationally support DevSecOps capabilities integrated into our software development lifecycle including SAST, DAST, SCA, RASP, CSPM, and infrastructure vulnerability scanners

  • Assist with technical support of DevSecOps capabilities and respond to service and critical issue tickets within service-level agreements

  • Actively supervise, assess and recommend tactical and critical initiatives based on new and emerging threats posing risk to our environments

  • Stay apprised of current and proposed security changes impacting regulatory, privacy and security industry standard methodologies

  • Assist in remediation efforts after security assessment findings outline weaknesses requiring attention

The ideal candidate is:

  • Passionate about security

  • A team player and enjoy collaborating with multi-functional teams

  • A phenomenal communicator (written and verbal) with an ability to articulate complex topics in a clear and concise manner

  • Employs a flexible and constructive approach when solving problems

  • Continuously looking for opportunities to improve our processes and capabilities

  • Familiar with traditional or cloud computing, including networking, compute, storage, app development, data, operations, or security

  • Proficient with development and scripting languages, Python and JavaScript preferred

  • Knowledgable of network and web related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)

  • Experienced working with application and engineering teams

  • Comfortable peer-reviewing code, educating on appsec vulnerabilities (OWASP), and providing remediation guidance

  • A self-directed individual contributor

Experience:

  • Bachelor’s degree, Associate's degree or equivalent experience with an emphasis in Cybersecurity, Computer Science, Computer Engineering, Software Engineering, MIS or related field

  • 1-3+ years' experience in DevOps, AWS, and/or cybersecurity practitioner

  • Knowledgeable about secure architecture, engineering and design principles

  • Experience conducting security tests (static and dynamic code analysis, software composition analysis, or penetration tests)

  • Knowledge of common application and cloud security tools, such as Burp, Zap, Checkmarx, InsightAppsec, PrismaCloud, InsightAppsec, InsightCloudsec, Jfrog Xray

  • Experience with CICD pipelines to automate application and infrastructure code deployments

  • Experience with workload orchestration platforms such as Kubernetes

  • Experience with Infrastructure as code concepts and tooling including Terraform or CloudFormation

  • Relevant certifications from GIAC, ISC(2) and other recognized cybersecurity industry organizations

#LI-Post

Grow your career with a best-in-class company that puts our client’s interests at the center of all we do. Get started now!

W e are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.

If you work or would be working in Colorado or outside of a Corporate location, please click here for information pertaining to compensation and benefits.


FIND YOUR FUTURE

We’re excited about the potential people bring to Northwestern Mutual. You can grow your career here while enjoying first-class perks, benefits, and commitment to diversity and inclusion.