DevSecOps Engineer

Department Summary

Department Summary

DISH is a Fortune 200 company that continues to redefine the communications industry. Our legacy is innovation and a willingness to challenge the status quo, including reinventing ourselves. We disrupted the pay-TV industry in the mid-90s with the launch of the DISH satellite TV service, taking on some of the largest U.S. corporations in the process, and grew to be the fourth-largest pay-TV provider. We are doing it again with the first live, internet-delivered TV service – Sling TV – that bucks traditional pay-TV norms and gives consumers a truly new way to access and watch television.

Now we have our sights set on upending the wireless industry and unseating the entrenched incumbent carriers.

We are driven by curiosity, pride, adventure, and a desire to win – it’s in our DNA. We’re looking for people with boundless energy, intelligence, and an overwhelming need to achieve, to join our team as we embark on the next chapter of our story.

Opportunity is here. We are DISH.

Job Duties and Responsibilities

Job Duties and Responsibilities

• Help evaluate, select, deploy, and integrate security security tooling in CI/CD pipelines and empower development and deployment teams to incorporate security tooling and processes in all aspects of development and deployment operations.   Help build, harden, maintain, and instrument a comprehensive security orchestration platform within continuous integration & deployment pipelines.
• Work with platform & cloud engineering and software deployment teams to ensure security processes & tooling in development and deployment pipelines.
• Work with appropriate stakeholders to ensure efficient response to issues detected by security tooling.
• Build partnerships with development and deployment teams across several lines of business.
• Create and deliver security training and guidance for development and deployment teams, ensuring they are able to fully leverage and maximize value/efficiency gains from security processes and tooling, allowing them to innovate rapidly and securely.  Reduce time to delivery of secure platforms through orchestration and automation.
• Work in tandem with teams including Application Security Architecture, Security Architecture, Development, Deployment, Cloud Security, Cloud & Platform Engineering, SOC & Cyber Defense Operations, Vulnerability Management, and other IT Operations Teams to identify and implement the most optimal solutions for the company and its customers.
• Help identify and automate repetitive and/or manually time-consuming tasks.
• Measure value and impact of DevSecOps initiatives and help prepare and share impact/progress reporting with IT and Operations leadership.
• Assist development teams with rapid understanding, impact assessment and remediation of detected security issues.
• Assist Application Security Architecture team providing evaluation, guidance, and onboarding support to development and operations teams regarding new applications.

Additional Responsibilities

• Attend and host meetings and provide support in the form of targeted agendas, meeting notes, communications, and follow-up delivery.

• Maintain relevant and current professional knowledge via in-house training, online resources, attendance at professional events, and personal investment in continued education and certification.

• Monitor industry trends for changes, risks, releases, and advancements in DevOps & DevSecOps, cloud computing and technologies, and development frameworks.

• Develop and maintain working relationships with development and deployment teams, their leadership, and various other stakeholders, including pertinent vendors.

• Analyze and review existing processes and procedures to determine areas of possible improvement that will lead to gains in efficiency and security.

• Participate in special projects and perform other duties as assigned.

Skills, Experience and Requirements

Skills, Experience and Requirements

Education: 

• B.S. / B.A. degree or equivalent required.
• MBA and/or post-graduate information security degree preferred.

Experience:

• Excellent verbal and writing skills and the ability to communicate effectively with all levels.  Ability to effectively present complex technical topics to non-technical audiences.

• 3+ years of pertinent professional experience in DevOps/DevSecOps, with significant exposure to a variety of technologies and domains.

• 2+ years of pertinent software engineering experience.

• 2+ years working with AWS, Azure, and/or GCP.  Understanding of cloud computing and cloud security concepts, and some fluency with cloud management tools/commands.

• Experience writing standard operating procedures, system requirements, and other technical documents.

• Experience collaborating with cross functional teams to achieve a shared project goal.

• Working knowledge of software-defined lifecycles, product packaging, and deployments

• Experience with cloud automation tools such as GitLab, Jenkins, Puppet, Chef, Harness, Terraform, CloudFormation, Ansible, SALT, etc.

• Knowledge of containerized technologies like Kubernetes, Docker, etc.

• Experience scripting with Bash, Python, PowerShell, NodeJs, JavaScript, etc.

• Experience coding in more programming languages such as C++, Java, C#, etc.

• Familiarity with Cloud Architecture & Security design.

• Knowledge of WAF, IDS/IPS, SIEM, SOAR, EDR, UEBA, Application Whitelisting, Vulnerability Management.

• Experience with API development, tooling, and security.

• Experience conducting Static Application Security Testing (SAST), Software Composition Analysis (SCA), Dynamic Application Security Testing (DAST), Interactive Application Security Testing (IAST), assessing results, and remediating findings.

• Working knowledge of OWASP Top 10 & SANS Top 25.

Certifications:

• Cloud Computing and/or DevOps/DevSecOps certification(s).

Other Knowledge, Skills, and Abilities:

• Excellent time-management and prioritization skills.

• Strong planning and task management skills.

• Working knowledge and experience with project and portfolio management tools, preferably Service Now, Microsoft Project, and/or Jira.

• Business process automation mindset and experience.

• Continual education to develop new skills and technical expertise including proactively organizing, summarizing, and sharing knowledge with others.

Salary Range

Compensation: $106,250.00/Year - $143,750.00/Year
Compensation and Benefits

We also offer versatile health perks, including flexible spending accounts, HSA, a 401(k) Plan with company match, ESPP, career opportunities, and a flexible time away plan; all benefits can be viewed here: DISH Benefits.   

The base pay range shown is a guideline. Individual total compensation will vary based on factors such as qualifications, skill level, and competencies; compensation is based on the role's location and is subject to change based on work location. Candidates need to successfully complete a pre-employment screen, which may include a drug test and DMV check.