Spigot is a global multi-platform application development company. We focus on building highly effective digital offerings that can maximize value for our advertisers, publishers, partners, and users. Spigot operates in multiple different product lines on a global landscape. We have products that include mobile applications, browser extensions, desktop apps, digital media, and digital advertising; we also partner with top-tier companies and are currently Yahoo’s #2 partner for driving traffic. These diverse mobile and web solutions allow advertisers to optimize for a highly targeted audience reach. Combining best-in-class industry expertise and consumer interests with proprietary big-data insights, we develop fine-tuned apps that offer optimal user engagement at scale.
Our success is fueled by employee innovation, data-driven decisions, and a startup mentality. We’re talking top-tier healthcare benefits, unlimited PTO, free lunches, flexible work schedules, numerous company outings, coffee, drinks, snacks, and an all-star group of talented professionals.
We are seeking a highly skilled and motivated DevSecOps Engineer to join our fast-paced and dynamic team. You will be responsible for integrating best practices for DevOps pipelines, establishing cloud infrastructure, and ensuring the integrity and security of our systems. You will take part in infrastructure design, conduct code reviews and implement industry standards. This individual will actively collaborate with the IT team, product teams, internal stakeholders, and senior leadership. This role requires a blend of technical expertise in DevOps tools and platforms, along with strong communication and organizational skills to collaborate effectively with development teams and support continuous improvement in build and release processes.
Where You’ll Make an Impact
- Develop and maintain secure CI/CD pipelines for automated code deployment
- Implement and manage security tools and technologies (e.g., vulnerability scanners, intrusion detection systems) within the development and deployment lifecycle.
- Develop and maintain automation scripts for DevOps and security tasks using tools such as Terraform, Ansible, or Puppet.
- Support the adoption of Cloud best practices and supporting technologies to enable such capabilities as DevSecOps, Big Data Analytics, AI, Micro-Services, etc.
- Conduct risk assessments and vulnerability analyses to identify and mitigate potential security threats.
- Collaborate with development and operations teams to ensure secure coding practices and configuration management.
- Respond to security incidents and breaches, performing root cause analysis and remediation.
- Ensure compliance with relevant security standards, regulations, and best practices (e.g., NIST SP 800, ISO 27001, CIS).
- Document security processes, configurations, and incidents.
- Work closely with development, operations, and IT teams to integrate security into the DevOps workflow.
- Solve complex technical and integration issues with creative and secure solutions
Who You Are
- Bachelor’s degree in computer science, Software Development, Information Systems or related field; Master’s Degree is a plus.
- Relevant Certifications such as AWS
- Proven experience in Software Development, DevOps, or a related field
- Experience with Full Stack app development is a plus
- Experience with data management operations is a plus
- Hands-on experience with security tools and technologies
- Proficiency in scripting and automation
- Experience with cloud platforms (e.g., AWS, Google Cloud) and their security features
- Demonstrable experience with Infrastructure as Cod (IaC) e is a big plus
- Familiarity with version control systems (e.g., Git) and CI/CD tools (e.g., Jenkins, GitLab CI, Github Actions).
- Knowledge of virtualization and containerization technologies
- Ability to analyze and mitigate security risks in various environments.
- Excellent problem-solving skills and attention to detail.
- Strong communication skills and the ability to work collaboratively in a team setting.