Loading...

Sr Security Dev Ops Architect

Date: 17-Jun-2021

Location: Krakow, MA, PL

Company: Dover Corporation

Dover Fueling Solutions (DFS), comprised of the most trusted names in the fuel industry, are global leaders in driving innovation for over 100 years. DFS, the industry's 1st end-to-end fueling solution, provides advanced fuel-dispensing equipment, including systems and payment, automatic tank gauging and wet stock-management solutions. The DFS business is comprised of industry leading brands including Tokheim, Wayne Fueling Systems, Fairbanks, ProGauge, ClearView and OPW Fuel Management Systems. We lead every market we serve with focused expertise, progressive thinking and customer-inspired innovation in order to push the boundaries of performance for our customers and shareholders. To learn more about DFS, visit www.doverfuelingsolutions.com. DFS is part of the Fluids segment of Dover Corporation (NYSE: DOV).

Position Summary:

As a Sr Security Architect working in an Azure PaaS environment, help strengthen application scalability, automation, deployment speed, testing automation, and security posture for multiple cloud solutions. You will also guide payment hardware and software teams to ensure compliance with standards such as PCI, EMV Co, GDPR and CCPA.  You will work closely with solution teams to assess and remediate risk, as well as assist with the design of new DevSecOps, DevOps and security-related processes within our software development life cycle. You will support solution teams to ensure applications are designed with the latest cybersecurity best practices. You will provide leadership in the areas of vulnerability scanning, certificate management, password policy management, data analysis of security monitoring outputs, coordination of remediation patching, and other security, DevSecOps and compliance efforts. Additionally, you will assist in developing an automated security framework for robust deployment tools and processes, leveraging various scripting languages and open source solutions.

 

Responsibilities

  • Develop a technology roadmap for application security.
  • Define application architecture design policies and frameworks for standards such as GDPR, CCPA and PCI.
  • Maintain and extend relationships with QSA community, Dover and customer security groups.
  • Represent DFS from a security perspective in standards bodies, such as PCI, IFSF and Connexus.
  • Develop effective architectural presentations, product design documentation and proofs-of-concepts to drive security standards into all products and services.
  • Collaborate with the product management and marketing teams on security whitepapers and position statements.
  • Maintain understanding of the retail petroleum market space and what factors influence the market and customer decisions related to security and certifications.
  • Develop and conduct security training for DFS platforms and solutions for commercial, product, solution and service teams.
  • Serve as the primary point-of-contact for security related inquiries from customers, commercial, partners, product and engineering teams.
  • Maintain currency in emerging technologies from a security perspective as it relates to DFS product and service offerings.
  • Provide cybersecurity subject matter expertise in various risk assessments, working in an Agile environment with an understanding of the full software development lifecycle.
  • Assist Azure PaaS development teams to create, implement and apply DevSecOps principles, processes and culture.
  • Assist solution teams to develop DevSecOps strategy and roadmap, along with a prioritized backlog of work items.
  • Help lead a security community of practice and train other teams to take on local security practices.
  • Review and analyse vulnerability data to identify security risks related to network, infrastructure, and software components.
  • Define and implement recommendations for continuous improvement for the services provided.
  • Collect and format the data required for established KPIs to ensure performance is measured against expected business outcomes.

 

Work experience requirements:

  • Experience with Azure DevOps, App Insights, TeamCity, Jira, Chef, Jenkins, Service Fabric, Kubernetes, GitHub, and similar.
  • Experience with C#, .NET, .NET Core.
  • Experience with threat modeling.
  • Experience developing test strategies and automation for unit, integration, system, acceptance as it relates to security.  
  • Experience working in scaled Agile environments.
  • Experience working with teams building large scale SaaS, preferably Azure PaaS, solutions.
  • Experience working with API Security, Container Security, Azure Cloud Security, Azure Blueprints, Azure Policy and security-as-code.
  • Experience with STIG and the Risk Management Framework.
  • Expert experience with OSS license and vulnerability scanning tools.
  • Extensive experience with privacy standards such as GDPR and CCPA.
  • Experience with certifying products for PCI (PA-DSS & PCI-DSS), PCI P2PE and EMV Levels 1, 2 & 3.
  • Certifications such as CISM, CISSP, CISA, PIC-ISA, and PCIP.
  • Minimum of 10 years’ experience working with SaaS and software development teams.
  • Bachelor’s degree in computer science or equivalent.

 

Skills required:

The candidate should also possess the following skills, knowledge and abilities:

 

  • Excellent communication skills, both written and verbal, including visualization for build quality, vulnerabilities, development progress and continuous improvement.
  • Ability to break down complex concepts into easy to understand terms.
  • Excellent analytical skills, organizational abilities, and problem-solving skills.
  • Demonstrated leadership skills; developing high performing DevOps organizations.
  • Customer-driven mindset and aptitude for engineering excellence. .
  • Growth mindset, entrepreneurial spirit, collaborative style and a disciplined delivery focus to work successfully across our global and diverse teams.

 

Essential Requirements:

  • Ability to travel domestically and internationally

All qualified applicants will receive consideration for employment without discrimination on the basis of race, colour, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, genetic information, or any other factors prohibited by law.


Job Segment: Architecture, Engineer, Developer, Risk Management, Engineering, Operations, Technology, Finance