Who You Are: You are a Senior Security Engineer with a strong focus on application security and a deep understanding of securing CI/CD pipelines. You are experienced in collaborating with development and DevOps teams to integrate security throughout the software delivery lifecycle. You have a proactive mindset, strong technical skills, and a commitment to staying ahead of emerging threats and vulnerabilities. Your attention to detail and ability to automate security processes make you a key partner in ensuring secure software delivery. What You'll Do: Design and implement security controls and tools within CI/CD pipelines to protect against threats and vulnerabilities. Conduct security assessments, code reviews, and penetration testing on applications and infrastructure deployed through CI/CD workflows. Integrate security tools (e.g., SAST, DAST, dependency scanning) into CI/CD systems such as Jenkins, GitLab CI/CD, GitHub Actions, or CircleCI. Collaborate with DevOps teams to automate security checks and ensure secure configuration of build and deployment environments. Monitor and respond to security incidents related to CI/CD processes, including artifact integrity and pipeline tampering. Develop and maintain documentation for secure CI/CD practices, policies, and procedures. Stay up-to-date with emerging threats, vulnerabilities, and security technologies relevant to CI/CD and cloud-native environments. Educate and train development teams on secure coding practices and CI/CD security principles. Ensure compliance with regulatory standards (e.g., SOC 2, ISO27001) in the software delivery lifecycle. What You Have: 3+ years of experience in security engineering, DevSecOps, or a related role. Hands-on experience securing CI/CD pipelines using tools like Jenkins, GitLab CI/CD, GitHub Actions, or similar platforms. Proficiency with security tools such as Sonarcloud and GitHub Security. Strong understanding of software development lifecycle (SDLC) and DevOps practices. Familiarity with containerization and orchestration technologies (e.g., Docker, Kubernetes) and their security implications. Knowledge of cloud platforms (e.g., AWS) and their security configurations. Experience with scripting languages (e.g., Python, Bash) for automation and tool integration. Excellent problem-solving skills and attention to detail. Extras You Bring: Experience with Infrastructure-as-Code (IaC) tools like Terraform or CloudFormation. Familiarity with secrets management tools (e.g., HashiCorp Vault, AWS Secrets Manager). Understanding of zero-trust security models and their application in CI/CD. Strong communication skills to collaborate across technical and non-technical teams. Ability to prioritize and manage multiple tasks in a fast-paced environment. Proactive mindset with a focus on identifying and mitigating risks early in the development process. Why Join Polly? Polly is transforming the mortgage industry with its modern, data-driven capital markets ecosystem. We are attacking a trillion-dollar market with gross inefficiencies and seeking to transform the way an entire industry operates. You will have an impact on the design, architecture, and implementation of markets that are often called the engine of the US economy. We value drive for excellence, independent thinking, teamwork, and curiosity. We have an experienced leadership team that previously built large and impactful platforms, offering outstanding opportunities for professional growth and upward mobility. Join us in creating a digital pipeline that facilitates real-time trading of loans. Let’s Get To Know Each Other. To learn more, follow Polly on LinkedIn or visit Polly is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, age, color, national origin, religion, sex, gender identity, sexual orientation, marital status, pregnancy status, disability status, veteran status, or any other legally protected status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Beware of recruitment scams impersonating Polly brand or employees. Our team communicates only through official Polly channels, and we will never ask for sensitive information over text or conduct text-only interviews. If you are ever suspicious or in doubt, reach out to us directly at peopleteam@pollyex.com. We care deeply about this network and your experience. Seniority Level Mid-Senior level Employment Type Full-time Job Function Information Technology #J-18808-Ljbffr Polly
AVAILABLE PRN PART-TIME (24 hours per week) ~ FULL-TIME SIGN-ON BONUS $7,500 FOR FULL-TIME More one-on-one time More success for patients and professionals BE THE CONNECTION. In your role as a physical therapist (PT), you'...
...Position Title: University Health Promotion Specialist Job Group: Professional & Scientific Required Minimum Qualifications: Bachelors degree and 3 years of related experience Preferred Qualifications: Masters or higher in related field...
...Job Description Job Description Benefits: ~401(k)~ Health insurance Looking for process server that will serve legal documents at residental addresses using our company car. All expenses paid. Hours are as follows: Monday - Friday from 5:00pm - 9:00pm and...
...Job Description Job Description Buffer n- General Labor Manufacturing - 2nd shift $19.80 Duties/ Responsibilities: Responsible for unskilled production work on a production line BUFFING Follows instructions given by production forepersons Monitors...
24 Seven is partnering with a well-known agency to help them find a Warehouse Manager to join their team in this onsite position. This is full-time, direct hire opportunity working 5 days/week onsite in the Portland metro area that comes with benefits. Ideal Candidate...