Saviynt's AI-powered identity platform manages and governs human and non-human access to all of an organization's applications, data, and business processes. This role requires the definition and execution of the DevSecOps strategy, encompassing the integration of security throughout the CI/CD pipeline and the entire Software Development Life Cycle (SDLC).
Requirements
- Define DevSecOps strategy and Influence architecture and platform decisions
- Design and implement secure CI/CD pipelines with integrated security controls
- Embed security practices into SDLC (shift-left approach)
- Integrate and operationalize controls aligned with FedRAMP and cloud security best practices
- Apply secure coding practices aligned with OWASP Top 10 to reduce application vulnerabilities
- Automate security testing (SAST, DAST, SCA, container scanning, IaC scanning)
- Define and enforce secure coding standards and best practices
- Secure cloud environments (AWS / Azure / GCP) following FedRAMP security controls (NIST 800-53) where applicable
- Implement identity and access management (IAM), secrets management, and network security controls
- Harden Kubernetes clusters and containerized workloads
- Build and maintain security automation frameworks
- Develop scripts and tools (Python, Go, Bash) to improve security posture
- Monitor vulnerabilities and drive remediation efforts
- Identify and remediate vulnerabilities mapped to OWASP Top 10 categories
Benefits
- 401k Matching
- Retirement Plan
- Generous Paid Time Off
- Relocation Assistance
- Tuition Reimbursement
