About the company
ORCID is seeking an experienced and enthusiastic professional for the position of fully remote Senior DevSecOps Engineer. If you like the flexibility of a remote organization and the public-service orientation of a non-profit, join us on our mission to connect research and researchers!
Job description
ORCID is seeking a Senior DevSecOps Engineer to serve as an technical advisor and implementor to ensure the ongoing security of ORCID products and service offerings. The Senior DevSecOps Engineer reports directly to the Director of Technology but is also functionally accountable to the Director of Operations and the Director of Product as seamless, matrixed partnership across ORCID units will be key to the success of this role. This position is full time (40 hours/week) and, like all positions at ORCID, is fully remote. Candidates must be able to work during Europe or Americas standard business hours (Mon-Fri) with at least four hours daily between 1300-2000 UTC, with some recurring meetings between 1400 - 1700 UTC. Outside of these parameters, ORCID offers flexibility with your schedule.
Certifications
Proven experience as a DevSecOps engineer or similar role involving securing a user-facing product. (4-6 years)
Experience translating OWASP Top 10 into practical development imperatives and applying to product infrastructure (4-6 years)
Knowledge of and experience with best practices in the union of security engineering and DevOps (2-3 years)
Experience with cloud services (e.g. AWS), their native services, and security features. (3-4 years)
Experience securing databases including access control and encryption whilst maintaining performance (2-3 years)
Experience with integration and release pipelines and the security of tools such as GitHub Actions or other similar modern CI platform (2-3 years)
Familiarity with the security of containerisation technologies such as Docker and Kubernetes. (2-3 years)
Knowledge of Terraform, network security architectures, network access controls, and secure network design. (2-3 years)
Experience translating OWASP Top 10 into practical development imperatives and applying to product infrastructure (4-6 years)
Knowledge of and experience with best practices in the union of security engineering and DevOps (2-3 years)
Experience with cloud services (e.g. AWS), their native services, and security features. (3-4 years)
Experience securing databases including access control and encryption whilst maintaining performance (2-3 years)
Experience with integration and release pipelines and the security of tools such as GitHub Actions or other similar modern CI platform (2-3 years)
Familiarity with the security of containerisation technologies such as Docker and Kubernetes. (2-3 years)
Knowledge of Terraform, network security architectures, network access controls, and secure network design. (2-3 years)
Career pathway
Other
Required experience
Proficiency in specific technical skills or tools
Level of studies
Bachelor's or equivalent level