Senior DevSecOps Engineer

Summary:

The Senior DevSecOps Engineer is responsible for designing, implementing, and maintaining secure, scalable, and resilient development and operational processes across the organization. This role drives a security-first culture, ensuring that both existing and emerging platforms adhere to best practices in security, compliance, and reliability. In partnership with software development, architecture, QA, and operations teams, the Senior DevSecOps Engineer empowers continuous integration and delivery (CI/CD) pipelines, automates processes, and provides technical leadership in secure coding, vulnerability assessment, and remediation. This role also serves as a trusted advisor to leadership and key stakeholders, sharing best practices and emerging trends in DevSecOps.

Education and Experience:

1. A four-year degree in Computer Science, Software Engineering, Information Technology, or a related field.
2. Five or more years of experience in DevOps, DevSecOps, or related roles.
3. Deep knowledge of security tools and best practices, including vulnerability scanning, intrusion detection, and compliance frameworks (e.g., NIST CSF, SOC 2, ISO 27001, PCI-DSS, HIPAA).
4. Strong background in cloud platforms (Microsoft Azure, AWS, or Google Cloud) with a focus on securing cloud infrastructure and services.
5. Proficiency with containers (Docker, Kubernetes) and the secure configuration of containerized workloads.
6. Experience with CI/CD pipelines (e.g., Jenkins, GitLab CI, GitHub Actions) and related automation tools.
7. Familiarity with infrastructure-as-code tools (Terraform, Ansible, or CloudFormation) and their secure configurations.
8. Experience with logging, monitoring, and alerting solutions (e.g., ELK Stack, Prometheus, Grafana) and best practices for security operations (SOC, SIEM, etc.).
9. Strong understanding of application security (OWASP Top Ten, secure coding practices, SAST/DAST).
10. Advanced analytical, conceptual, and creative problem-solving abilities.
11. Ability to translate complex security or DevOps requirements into actionable solutions.
12. Solid experience in generating standardized documentation for DevSecOps processes and best practices.
13. Must be self-motivated, work independently, and be a team player amenable to a variety of work projects.
14. Must maintain a high level of confidentiality.
15. Must be able to demonstrate a proactive commitment to ATS corporate values and the success of all staff.
16. Excellent interpersonal and communication skills (written, listening, and verbal).
17. Willing and able to travel occasionally, including overnight travel.

Essential Duties and Responsibilities

1. Lead the design, implementation, and maintenance of CI/CD pipelines that integrate security controls at every stage.
2. Ensure automated testing, vulnerability scanning, and compliance checks are performed continuously. 
3. Establish and maintain a robust application and infrastructure security posture, including vulnerability scanning, threat modeling, and penetration testing.
4. Collaborate with development teams to remediate identified security gaps promptly
5. Architect and maintain secure cloud environments in Azure, AWS, or Google Cloud.
6. Champion best practices for container orchestration, including Kubernetes security, network segmentation, and secure container images.
7. Automation & Infrastructure as Code
8. Advance automation efforts for provisioning, configuration management, and infrastructure deployment (IaC).
9. Define and document standardized operating procedures (SOPs) for secure infrastructure deployment and maintenance.
10. Collaboration & Leadership
11. Partner with cross-functional teams—developers, QA, architects, and operations—to embed security and DevOps principles in the software development lifecycle (SDLC).
12. Mentor and coach junior team members on DevSecOps best practices and emerging technologies.
13. Implement centralized logging, monitoring, and alerting solutions to track system health and security events.
14. Develop incident response processes and lead post-incident reviews to identify root causes and implement improvements.
15. Ensure adherence to relevant security and regulatory standards (NIST CSF, SOC 2, ISO 27001, PCI-DSS, HIPAA, etc.).
16. Develop and maintain security policies, standards, and guidelines in collaboration with management and other stakeholders.
17. Keep abreast of emerging trends and technologies in DevSecOps, cloud security, and application security.
18. Evaluate and integrate new tools, technologies, and processes to enhance security, reliability, and efficiency.
19. Understands and consistently performs in accordance with ATS Mission, Vision, and Values.
20. Support ATS' culture by aligning actions, behaviors, performance, and decisions in accordance with the Company's values as set forth in our All-Employee Competencies.
21. Complete work responsibilities outside of normal business hours as needed and infrequent travel may be required. 
22. Perform other duties and responsibilities as assigned.

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential function of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

 

This position performs work primarily in an office setting.

1. Constantly in a stationary position and occasionally will move around.
2. Constantly operates a keyboard and mouse and constantly utilizes a computer monitor(s).
3. Conversing with internal and external customers in person or via phone system.

Compensation & Benefits

• The anticipated base salary range for this position is $110,000 to $160,000. Base salary offered is determined by relevant experience, education, certifications, and geographic location as compared to others doing substantially similar work. In addition to the base salary, employees may be eligible for performance-based incentives, which can vary depending on individual and/or company performance.
• Anderson Trucking Service is committed to supporting our employees with a comprehensive benefits package. Employees will have the opportunity to enroll in a variety of benefit programs including health, dental, and vision insurance, as well as a 401k retirement savings plan effective on the first of the month following 60 days of employment. Additionally, we provide paid holidays, paid time off, access to professional development opportunities, wellness programs, and employee assistance resources to our employees. Our goal is to ensure that all employees have the support and resources they need to thrive both professionally and personally.

EEO and Affirmative Action Statement

It is the policy of the ATS to provide for and promote equal employment opportunity in employment compensation and other terms and conditions of employment without discrimination based on age, race, creed, color, national origin, gender, sexual orientation, disability, marital status, Vietnam Era Veteran status, genetic predisposition, or carrier status.

The ATS designated person for issues concerning Affirmative Action/Equal Employment Opportunity is Director of Human Resources at 320-255-7400.

ATS is committed to assuring equal employment opportunity and equal access to services, programs and activities for individuals with disabilities. It is the policy of the ATS to provide reasonable accommodation to a qualified individual with a disability to enable such individual to perform the essential functions of the position for which he/she is applying or in which he/she is employed.

The policy applies to all employment practices and actions. It includes, but is not limited to, recruitment, job application process, examination and testing, hiring, training, disciplinary actions, rate of pay or other compensation, advancement, classification, transfer, reassignment and promotions.