Senior DevSecOps Engineer - Remote
Your potential. Your opportunity.
Do you want your voice heard and your actions to count?
Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in the world. Across the globe, we’re 180,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long-term relationships, serving society, and fostering shared and sustainable growth for a better world.
With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.
Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.This is a remote position. A member of our recruitment team will discuss location preferences with you in more detail.
Job SummaryAs a Senior DevSecOps Engineer at MUFG, you will be responsible for providing in depth subject matter expertise in automating, monitoring, and applying security at all phases of the Software Development Life Cycle, and the delivery of trusted products and services. As a member of this team, you 'll design and implement security solutions to improve efficiency, performance, and reliability with an eye to automation and continuous integration, continuous delivery, and continuous deployment (CI/CD).Major Responsibilities:- Assist selecting and implementing tools that will elevate the maturity of the DevSecOps practice.- Identify opportunities for automation, partner with engineering and security teams on implementing automation.- Develop and support development of security testing and validation tooling.- Design and implement container image security lifecycle in CI/CD pipeline covering source control, integration, and deployment (ex: Bitbucket, Jenkins, JIRA, Nexus, OpenShift, Amazon EKS).- Stay abreast of industry trends and best practices; conduct research, tests, and execute new techniques that can be reused and applied to SDLC.- B.S., Computer Science or other advanced degree in related field, preferred- 2+ years of hands-on experience with DevSecOps tools like Jenkins, container security (StockRox/Aqua/Prisma/Sysdig/NueVector), OpenShift, Amazon EKS.- 4+ years of hands-on experience with DevOps and cybersecurity domains like vulnerability management and system hardening compliance in hybrid cloud and on-prem environment.- Experience in the banking or finance industries preferred- Able to work independently on tasks, but also work well within a team environment- Excellent communication skills and able to adapt to the audience- Proven expertise deploying one of the commercial container security products and closing the gaps through development, automation, API integrations, and researching and closing vulnerabilities via patching.- Advanced expertise in securing containerized workloads- Proficient with language like python.- Familiarity with development using RESTful APIs.- Familiarity with microservice and service mesh architecture.- Familiarity of advanced iterative Agile methodologies.- Familiarity to security standards such as NIST 800-53, NIST 800-190 and NIST 800-204A- Any of the following are a plus but not necessary; CISSP, CCSP, CKSThe above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.
We are proud to be an Equal Opportunity/Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.Some MUFG roles require that individuals be fully vaccinated against COVID-19, subject to exemptions for medical or religious reasons, as well as any other reason required by applicable law or order. Should you be selected for an interview, your recruiter will provide additional information.