Job Classification:
Technology - Engineering & Cloud
Job Description
Are you interested in building capabilities that enable the organization with innovation, speed, agility, scalability and efficiency? The Global Technology team takes great pride in our culture where digital transformation is built into our DNA! When you join our organization at Prudential, youll unlock an exciting and impactful career all while growing your skills and advancing your profession at one of the worlds leading financial services institutions.
Your Team & Role
As a Director on the DevSecOps team, you will be entrusted with the implementation and oversight of all code within Prudential. Your role is pivotal in ensuring developer enablement of security practices across entire company and all development processes. Your primary responsibility will be the utilization of security tools to create and manage policies that enforce our established standards.
You will be collaborating closely with multiple teams within our organization. In partnership with our Information Security, Architecture, and Risk teams, you will be providing guidance and contributing to the development and implementation of our security strategies.
Furthermore, your role will involve active communication with our development community. You are expected to empower and equip our developers with the knowledge and tools required to manage security concerns effectively.
Your role as a DevSecOps Engineer is critical in maintaining the integrity and security of our code. You will be at the forefront of our security efforts, bridging the gap between development and security. You will be playing a pivotal role in safeguarding Prudential's digital assets.
Here is What You Can Expect on a Typical Day
Continuously improve the security postures of applications, containers, cloud, and data
Advise enterprise teams developing standards and implement policies to monitor compliance
Empower application teams to understand and manage their security issues
Implement compliance services to provide awareness and manage security risks
Inform application teams of their security benchmarks and generate audit reports
Partner with security vendors to enhance solutions.
Design workflows and implement processes to ensure security issues are raised to the appropriate owners
Bring awareness to emerging technologies and threats
The Skills & Expertise You Bring
Bachelor of Computer Science or Engineering or experience in related fields
Leadership:
Thought leadership in security, devops, platform engineering, or emerging trends
Publishing policy briefs or technical research documentation
Ability to lead independently with minimal guidance effectively leverage diverse ideas, experiences, thoughts and perspectives to the benefit of the organization
Ability to learn new skills and knowledge on an on-going basis through self-initiative and tackling challenges
Excellent problem solving, communication, and collaboration skills
Strong technical foundation with experience in several of the following:
10+ years in software engineering, devops, and/or security
Familiarity with API development (OpenAI, FastAPI, and Kong preferred)
Application Languages: Java, Python, JavaScript, Shell Scripts, .Net,
Infrastructure: servers, serverless, containers, cloud, networking, mobile,
Architectures: Monolithic, event-driven, n-tier, microservices, MVC, distributed,
Expertise in the security domains:
5+ years focused security programs in a high-risk or large-enterprise environment
Experience with multiple security campaigns and rollouts
Policy Languages: GraphQL, Rego, Sentinel, HCL, OVAL, CodeQL, datalog,
Security Tooling: Static Code Analysis, Secrets, SAST, SCA, DAST, xSPM,
Security Data: CVE, CWE, CPE, SBOM, VEX, CVSS, CAPEC, SARIF, ...
Security Frameworks: SOC2, NIST, ATT&CK, CIS, ISO 27001/27002, ...
Identity Standards: SAML, OAuth, SCIM, LDAP, JWT, Kerberos, OpenID, ...
Knowledgeable of DevOps:
3+ years of experience in DevOps or Platform Engineering
Implemented a DevOps pipeline and experience with tooling
Understanding of Agile methodologies
Experience in process engineering and developing workflows
Strong background with git including merging (rebase, ff, squash) and branching strategies (gitflow, TBD, github flow)
Ability to document user guides, bugs/defects, features, and SOPs
As-Code Patterns: Infrastructure, Configuration, Security, Policy, Docs, Pipeline, Identity
Testing: Code Quality, Unit testing, NFR, test case management
General Skillsets:
Ability to work as members of a scrum team
Strong customer service and value-oriented mindset
Strong written and verbal communication skills, including the ability to effectively communicate complex issues to both technical and non-technical users
Strong time management and organizational skills
Strong initiative, interpersonal and problem-solving skills with a strong desire to learn
Ability to create excellent working relationships within and across teams
Preferred Qualifications
Financial/Insurance industry experience is a plus, not a must
Youll Love Working Here Because You Can
Join a team and culture where your voice matters; where every day, your work transforms our experiences to make lives better. As you put your skills to use, well help you make an even bigger impact with learning experiences that can grow your technical AND leadership capabilities. Youll be surprised by what this rock-solid organization has in store for you.
What we offer you:
Market competitive base salaries, with a yearly bonus potential at every level
Medical, dental, vision, life insurance, disability insurance, Paid Time Off (PTO), and leave of absences, such as parental...
Equal Opportunity Employer - minorities/females/veterans/individuals with disabilities/sexual orientation/gender identity