Skip to content

Sr. DevSecOps Engineer

At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.

Senior DevSecOps Engineer
We are looking for a Senior DevSecOps Engineer to join our team within the Corporate Solutions Law and Public Affairs space. The role requires an agile engineering mindset, patience and persistence to solve complex problems, ability to get things done quickly but thoughtfully, and good engineering skills. This role will be a to helping monitor for cybersecurity threats and patching vulnerabilities.

What’s the role?
As a Senior DevSecOps Engineer, your job is to partner with our engineers and business organizations to assist them with secure software development life cycle (SSDLC). This includes helping navigate through the multifaceted risk and cyber security assessment processes, prioritization and establishment of plans to address findings, generating threat models, mitigating security vulnerabilities, hands-on mentoring and treatment of risks in different stages of the development lifecycle. It also includes efforts to improve the process, streamline pipeline changes and improve overall developer engagement. Your role will be that of an embedded team member focused on Law and Public Affairs application portfolio. You will be part of the Risk Engineering Guild, a team that works to improve our SSDLC and shares improvement ideas and works together to keep our policyholders data safe. They will help you learn and navigate the processes and tools that Northwestern Mutual uses as well as support you in your career growth!

Over the long run, you will also be helping develop mitigation strategies to properly react to security weaknesses or vulnerabilities, identify focus areas for remediation of risk, provide guidance and answer questions from team members remediating vulnerabilities, identify preventative, detective, and auto remediation controls and help implement integrations between security tools and platforms or business processes as required.

As a Senior DevSecOps Engineer you will grow to understand:

  • Our applications, CICD pipelines and our security tools.
  • The Senior DevSecOps tasks to remediate vulnerabilities and close security findings
  • The processes around what happens when a security finding is not remediated and how we manage that risk.
  • Our security engineering assessment, needed in order to move an application to production.
  • Our dashboards and what it takes to stay green.
  • Our code and how we could improve our solution patterns in order to be more secure.

Qualifications

  • Bachelor's Degree or equivalent experience
  • 3-5 years experience
  • 3 year of professional IT experience · Experience with CI/CD concepts and tools (i.e. GitLab, testing concepts, change management, blue/green, infrastructure as code)
  • Experience with infrastructure automation tools or coding/scripting (i.e. ansible, terraform, python, JavaScript, PowerShell)
  • Ability to independently identify and resolve issues through effective and creative problem-solving skills.
  • Proactively learn emerging platforms and related technology
  • Ability to solve technical issues and enable/teach peers to be self sufficient
  • Ability to articulate opinions to team members and share ideas
  • Experience with Agile methodologies/DevOps environment
  • Knowledge of defense-in-depth design and operational concerns.
  • Track record of acting with integrity, taking pride in work, seeking to excel, being curious, and adaptable.
  • Ability to maintain and strengthen relationships; ability to effectively influence and negotiate with internal and external partners.
  • Proven interpersonal savvy with demonstrated tact and diplomacy.
  • Strong written and verbal communication skills with the ability to interpret and fully explain the impact of vulnerabilities as well as any recommended remediation to multiple knowledge levels.

Grow your career with a best-in-class company that puts our client’s interests at the center of all we do. Get started now!

W e are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.

If you work or would be working in Colorado or outside of a Corporate location, please click here for information pertaining to compensation and benefits.


FIND YOUR FUTURE

We’re excited about the potential people bring to Northwestern Mutual. You can grow your career here while enjoying first-class perks, benefits, and commitment to diversity and inclusion.