Job Information
Vertiv Corporation Product Security Engineer (DevSecOps) in Westerville, Ohio
Job Description
JOB SUMMARY
The Product Security Engineer, DevSecOps team member is expected to have foundational knowledge of IT systems, embedded devices, applications, cloud systems and stay up to date with the latest security standards, systems, and authentication protocols, as well as best practices and emerging technologies. The ideal candidate will have knowledge of industry security frameworks such as OWASP SAMM and will be a strong communicator. They will be responsible for supporting the identification of product and application security threats as well as areas of weakness in products and applications for improvement.
This position will be primarily based out of Westerville, OH - HQ office, and will consistently work under the guidance and processes of global security team while assisting regional as well as global engineering groups. The Product Security Engineer, DevSecOps team member will be expected to use their knowledge and experience to contribute to improving internal secure processes and procedures.
Responsibilities:
In addition to anticipating possible security threats and identifying areas of weakness, the Product Security Engineer must:
Participate as a Security Engineer to work in development, operations activities daily
Support building various tools, processes for the business and for engineering teams through various software development skills and coding practices (OOPS preferred)
Code management and maintenance through DevOps and CI/CD pipelines
Thorough Gitlab usage and maintenance for daily activities tracking, source code management, DevOps and CI/CD
Support internal security team efforts, cross-functional activities
Act as a primary point of contact for regional engineering teams for secure best practices and processes
Assist engineering teams in adopting secure development best practices and processes
Assist in executing internal product security program and vulnerability management processes including triage and tracking closures of issues identified
Provide support to regional and global initiatives as assigned
Requirements:
A bachelor's degree in information technology, Computer Science or related Engineering field is highly desirable.
Total 2 - 4 years of relevant experience in Software Development, Coding (especially OOPS, C++ etc.), DevOps and CI/CD
Additional advanced security qualifications such as CISSP (Certified Information Systems Security Professional) certification, CEH (Certified Ethical Hacker) or equivalent are a plus but not required
Good working knowledge of current Software Development environments, IT risks and experience implementing security solutions.
Ability to interact with a broad cross-section of personnel to articulate and enforce security measures through internal product security program and vulnerability management processes
Excellent written and verbal communication skills as well as business acumen
Strong technical documentation, diagramming, and presentation skills
Effective communication skills and goal-oriented
Ability to work effectively within a team environment and deliver on assigned objectives
Demonstrated collaboration skills within cross-functional environments
Meaningful technical contributions into the development lifecycle of a product, application, and service with guidance from senior t