DevSecOps Engineer

R&D Herzliya, Israel


Description

Summary  
Data has never been more valuable and vulnerable. As cybercriminals become more sophisticated and regulations become stricter, organizations struggle to answer one key question: “Is my data safe?”
At Varonis, we see the world of cybersecurity differently. Instead of chasing threats, we believe that the most practical approach is to protect data from the inside out. We’ve building the industry’s first fully autonomous data security platform to help our customers dramatically reduce risk with minimal human effort.
At Varonis, we move fast. We’re an ultra-collaborative company with brilliant people who care deeply about the details. Together, we’re solving interesting and complex puzzles to keep the world’s data safe.
We work in a flexible, hybrid model, so you can choose the home-office balance that works best for you. 
 
We are looking for a DevSecOps Engineer to join our growing DevOps group. In this hands-on role you will be responsible of various cloud security aspects, such as network security, applicative infrastructure security and DevSecOps practices - All to ensure the security and reliability of our cloud platforms.

Responsibilities
  • Be a key member of our global R&D DevOps team, responsible for securing a diverse production environment based on Microsoft Azure, powering a data security platform.
  • Own the end-to-end development and implementation of platform security features, ensuring they are fully integrated into our cloud environments.
  • Design and implement secure cloud networks and infrastructure for complex pre-production and production environments.
  • Establish and enforce DevSecOps best practices within our CI/CD pipelines and automation processes.
  • Take an active role in reviewing and guiding other DevOps engineers on all aspects of security, providing mentorship and ensuring that security best practices are followed across the team.
  • Continuously monitor applications and infrastructure for security vulnerabilities, coordinating prompt remediation efforts.
  • Research and implement new cloud security services, open-source tools, and technologies to enhance security posture.
  • Collaborate closely with R&D engineering teams in designing and implementing new security features and ensuring that security requirements are incorporated from the outset.
Requirements 
  • Hands-on experience as a DevSecOps engineer with a deep understanding of network security, including Firewalls, WAF, PKI, SIEM, Endpoint Security, IDP, application security, and more.
  • Extensive experience with at least one major public cloud platform (Azure, AWS, or GCP).
  • Solid experience with Infrastructure as Code (IaC) and Configuration Management (CM) tools such as Terraform, CloudFormation, and Ansible.
  • Proficiency in coding with scripting languages such as PowerShell, Bash, Python, Go, or equivalent.
  • In-depth understanding of DevOps practices, CI/CD pipelines, version control systems, and embedding security controls into their lifecycle.
  • Strong expertise in Linux or Windows systems and related IT technologies.
  • Eagerness to learn and grow with the role, adapting to new challenges and technologies as the position evolves.
Advantages 
  • Experience with various Azure services such as Service Fabric, AKS, Virtual Machine Scale Sets, Virtual Networks, Azure SQL, Azure AD, App Service, Function Apps, ACI, and more.
  • Familiarity with application security testing tools such as SAST, DAST, IAST.
  • Experience with Kubernetes, containers, and microservices architecture.
Additional Information: 
  • Hybrid work model: 2 days in the office, 3 days remote.
  
 
We invite you to check out our Instagram Page to gain further insight into the Varonis culture!
@VaronisLife 


Varonis is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, and other legally protected characteristics.
#LI-Hybrid