Job DescriptionAbout the Role:Fragomen, an AmLaw 100 Firm and the leading global immigration services provider, is seeking a Security Engineer – Application Security & DevSecOps to join our talented Cyber Security team.This senior-level position is based in Fragomen's Immigration Technology Innovation Lab.Our industry-leading, immigration-specific applications and technology is undergoing tremendous transformation and security is on the critical path to success in that endeavor.A professional, who is passionate about security, capable of effecting change, and ready to take on new challenges, is what we seek.You will be joining a small team of Security Engineers who help make security a distinguishing factor in our immigration software and service offerings.An individual in this role would work closely with developers, under the direction of IT Security, to integrate security tools into development pipelines and ensure that security verification is an active, integrated part of the development process.This role will be based in Costa Rica.How will you make a difference as a Security Engineer - Application Security & DevSecOps at Fragomen?Evaluate, propose and test security verification tools to integrate into the development process, e.g., SAST, DAST, SCA and scanners that review code for hardcoded secrets, API keys and moreOrchestrate the development of security unit testsAdd security checks directly into the build and release pipelinesOptimize security testing based on policy, code changes and riskAutomate workflows using scripts and glue code as needed to integrate security tools into development pipelinesDesign and recommend gating as automation matures to ensure security issues are addressed at the appropriate times in the SDLCAssist with prioritization of findings and remediation effortsOperate and maintain security toolsPerform tasks related to other IT Security domains; threat detection and disruption, security engineering and architecture and incident responseParticipate in cyber security investigationsLeverage your valuable skills and experience to make an impact at Fragomen:A passionate team player who builds knowledge and solves complex problemsSeven or more years of web application development and cyber security experienceProficient in scripting, coding and development frameworks (,NET, Python, Bash, PowerShell)Experience with CICD tools such as Jenkins, GitLab, Bamboo, Octopus and Proget a plusKnowledgeable about SDLC best practicesExperience with cloud native security tools a plusExperience with Kubernetes a plusStrong, professional communication skills that maintain under pressureOne or more relevant certifications such as GWEB, OSCPBA degree in a related field or a combination of related experienceBenefits:At Fragomen, we know that great people make a great organization.We value our people and offer employees a broad range of benefits which includes:Paid days offInsuranceAnd other financial benefits which we encourage you to ask us about!Learn More About Fragomen:Please take time to read , explore the we do for our clients, and review the standard we offer.You can find all the material to the right of this page.
