About Us:
We are developing an innovative cloud security product focused on misconfiguration monitoring and identity threat detection and response. We are seeking a top-notch DevOps Engineer to join our team and orchestrate our infrastructure, ensuring seamless integration and deployment of our applications.
Responsibilities:
- Setup and manage GitLab with necessary branch permissions for developers.
- Design, implement, and manage GitLab CI/CD pipelines for all applications and tools across development, staging, and production environments.
- Automate unit testing and integrate it into the deployment process.
- Implement security vulnerability scanning within the CI/CD pipelines.
- Develop a notification and recovery strategy for pipeline failures.
- Manage application Docker image versioning.
- Implement platform monitoring to check the health status of all running applications.
- Set up alerting mechanisms for applications not running as expected.
- Centralize logging to capture and aggregate logs from all platform components.
- Use Infrastructure as Code (IaC) to automate server infrastructure setup and manage VM deployments.
- Create Docker Compose files for application deployment on new VMs.
- Set up secure vault storage for application secrets.
- Configure firewalls and SSL to securely serve backend applications.
- Establish backup mechanisms to secure application data.
- Monitor VM resources and implement scaling mechanisms to handle operational overload.
What Success in the Position Looks Like:
- Scripting Expertise : Experience on node and python application
- Experience with Infrastructure as Code tools such as Terraform, AWS CloudFormation, or Ansible for automating server infrastructure setup and management.
- GitLab: Proficiency in setting up and managing GitLab, including branch permissions and access control.
- Some basics with the native tool from aws (cloudformation) and arm (azure resource manager)
Containerization:
- Docker: Proficiency in Docker, including creating Docker Compose files and managing Docker images.
- Container Orchestration: Familiarity with container orchestration tools like Kubernetes (preferred).
Security:
- Vulnerability Scanning: Experience with setting up and integrating security vulnerability scanning tools into CI/CD pipelines.
- Secret Management: Knowledge of secure vault storage solutions for managing secrets and sensitive information.
- Firewall and SSL Configuration: Proficiency in configuring firewalls and SSL to secure backend applications.
- CIS Benchmarks: Familiarity with CIS (Center for Internet Security) benchmarks and best practices for securing infrastructure and applications.
