Senior DevSecOps Engineer

Job Description

JOB TITLE: Senior DevSecOps Engineer

Our Story: Litera, headquartered in Chicago, IL, is a fast-growing software company and one of the leading legal technology suppliers in the world. Serving more than 90% of the world's largest law firms, our software is used by hundreds of thousands of lawyers every day. As a company recognized as one of the best places to work, we believe professional development, rewards programs, open communication, and transparent leadership all contribute to a unique and open work environment. Our employees are driven, energetic, and passionate, and have the ability to make a direct impact on the future of the company.

The Opportunity: (Brief Summary): The Senior DevSecOps Engineer is a critical member of our dynamic team, reporting directly to the Application Security Manager. Your role will contribute significantly to the evolution of Litera's application and cloud security architecture. By lending your cloud security expertise and prowess in security within the Secure Software Development Life Cycle (SSDLC), you will identify and remediate cloud security issues, solidifying our commitment to data integrity and privacy.

A Day in the Life: (Responsibilities)

• Code Review Champion: Conduct comprehensive code reviews to pinpoint issues within infrastructure code, bolstering the security stance of our systems.
• Automated Flaw Detection: Innovate and develop processes that leverage automation to identify, track, and rectify security flaws in our infrastructure code and cloud environments.
• Secure Development Integration: Collaborate to integrate and enforce secure development practices within Litera's SDLC, seamlessly embedding security scans into development pipelines.
• Cloud Security Proficiency: Continuously assess the security landscape of our cloud applications and infrastructure, implementing best-practice security configurations and designs in tandem with the DevOps team.
• Hands-On Collaboration: Collaborate closely with DevOps teams to rectify issues surfaced through security scans or code reviews, ensuring alignment and swift resolution.
• DevOps Security Training: Participate in DevOps training initiatives, contributing by curating resources and delivering presentations on cloud security challenges and internal remediations.

Qualifications:

• 3+ years of relevant experience in DevOps, with a demonstrated understanding of Infrastructure as Code (IaC).
• 2+ years of hands-on experience in identifying and remediating cloud security vulnerabilities.
• Proficiency in source control and build/deployment pipelines (e.g., GitHub, Jenkins, Azure DevOps).
• Proven track record of integrating security tools into CI/CD pipelines.
• Basic understanding of OWASP risks, vulnerabilities, and mitigation techniques.
• Ability to disseminate security knowledge, providing guidance on security fixes.
• Familiarity with Secure Software Development Life Cycle (SSDLC) processes.
• Experience with Azure and/or AWS cloud environments.
• Strong background in adopting security controls and best practices within cloud providers (Azure/AWS preferred).
• Thrives in a fast-paced, ever-evolving environment, adaptable to technological shifts and acquisitions.
• Excellent communication skills to effectively articulate identified security vulnerabilities to DevOps teams, fostering collaboration for resolution.
• Demonstrates continuous growth and consistency in task performance.
• Innovative thinker with the ability to suggest improvements.
• Works seamlessly with engineering, DevOps, and other security teams as required.
• Demonstrates autonomy in executing standard day-to-day tasks with minimal supervision.
• Understands that their work directly impacts the speed and efficacy of security issue identification and resolution.
• Engages effectively with DevOps teams, fostering proactive collaboration in identifying and rectifying security issues.

If you are a seasoned DevSecOps professional, eager to make a meaningful impact by combining your cloud security expertise with DevOps acumen, we invite you to be part of Litera. Your contributions will propel us towards a more secure digital future, and you will play a pivotal role in driving seamless security across our digital ecosystem.

What Sets Us Apart

• Work with a team that has a proven track record.
• Our company's growth will challenge and encourage you to broaden your skills.
• Generous allocation of paid time off, and flexible work hours.
• Attractive company bonus plan.
• Comprehensive medical coverage and Employee Assistance Program
• Many opportunities for rewards and recognition

Litera is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.