Job Classification:

　　Technology - Engineering & Cloud

　　Job Description

　　Are you interested in building capabilities that enable the organization with innovation, speed, agility, scalability and efficiency? The Global Technology team takes great pride in our culture where digital transformation is built into our DNA! When you join our organization at Prudential, youll unlock an exciting and impactful career all while growing your skills and advancing your profession at one of the worlds leading financial services institutions.

　　Your Team & Role

　　As a Director on the DevSecOps team, you will be entrusted with the implementation and oversight of all code within Prudential. Your role is pivotal in ensuring developer enablement of security practices across entire company and all development processes. Your primary responsibility will be the utilization of security tools to create and manage policies that enforce our established standards.

　　You will be collaborating closely with multiple teams within our organization. In partnership with our Information Security, Architecture, and Risk teams, you will be providing guidance and contributing to the development and implementation of our security strategies.

　　Furthermore, your role will involve active communication with our development community. You are expected to empower and equip our developers with the knowledge and tools required to manage security concerns effectively.

　　Your role as a DevSecOps Engineer is critical in maintaining the integrity and security of our code. You will be at the forefront of our security efforts, bridging the gap between development and security. You will be playing a pivotal role in safeguarding Prudential's digital assets.

　　Here is What You Can Expect on a Typical Day

　　Continuously improve the security postures of applications, containers, cloud, and data

　　Advise enterprise teams developing standards and implement policies to monitor compliance

　　Empower application teams to understand and manage their security issues

　　Implement compliance services to provide awareness and manage security risks

　　Inform application teams of their security benchmarks and generate audit reports

　　Partner with security vendors to enhance solutions.

　　Design workflows and implement processes to ensure security issues are raised to the appropriate owners

　　Bring awareness to emerging technologies and threats

　　The Skills & Expertise You Bring

　　Bachelor of Computer Science or Engineering or experience in related fields

　　Leadership:

　　Thought leadership in security, devops, platform engineering, or emerging trends

　　Publishing policy briefs or technical research documentation

　　Ability to lead independently with minimal guidance effectively leverage diverse ideas, experiences, thoughts and perspectives to the benefit of the organization

　　Ability to learn new skills and knowledge on an on-going basis through self-initiative and tackling challenges

　　Excellent problem solving, communication, and collaboration skills

　　Strong technical foundation with experience in several of the following:

　　10+ years in software engineering, devops, and/or security

　　Familiarity with API development (OpenAI, FastAPI, and Kong preferred)

　　Application Languages: Java, Python, JavaScript, Shell Scripts, .Net,

　　Infrastructure: servers, serverless, containers, cloud, networking, mobile,

　　Architectures: Monolithic, event-driven, n-tier, microservices, MVC, distributed,

　　Expertise in the security domains:

　　5+ years focused security programs in a high-risk or large-enterprise environment

　　Experience with multiple security campaigns and rollouts

　　Policy Languages: GraphQL, Rego, Sentinel, HCL, OVAL, CodeQL, datalog,

　　Security Tooling: Static Code Analysis, Secrets, SAST, SCA, DAST, xSPM,

　　Security Data: CVE, CWE, CPE, SBOM, VEX, CVSS, CAPEC, SARIF, ...

　　Security Frameworks: SOC2, NIST, ATT&CK, CIS, ISO 27001/27002, ...

　　Identity Standards: SAML, OAuth, SCIM, LDAP, JWT, Kerberos, OpenID, ...

　　Knowledgeable of DevOps:

　　3+ years of experience in DevOps or Platform Engineering

　　Implemented a DevOps pipeline and experience with tooling

　　Understanding of Agile methodologies

　　Experience in process engineering and developing workflows

　　Strong background with git including merging (rebase, ff, squash) and branching strategies (gitflow, TBD, github flow)

　　Ability to document user guides, bugs/defects, features, and SOPs

　　As-Code Patterns: Infrastructure, Configuration, Security, Policy, Docs, Pipeline, Identity

　　Testing: Code Quality, Unit testing, NFR, test case management

　　General Skillsets:

　　Ability to work as members of a scrum team

　　Strong customer service and value-oriented mindset

　　Strong written and verbal communication skills, including the ability to effectively communicate complex issues to both technical and non-technical users

　　Strong time management and organizational skills

　　Strong initiative, interpersonal and problem-solving skills with a strong desire to learn

　　Ability to create excellent working relationships within and across teams

　　Preferred Qualifications

　　Financial/Insurance industry experience is a plus, not a must

　　Youll Love Working Here Because You Can

　　Join a team and culture where your voice matters; where every day, your work transforms our experiences to make lives better. As you put your skills to use, well help you make an even bigger impact with learning experiences that can grow your technical AND leadership capabilities. Youll be surprised by what this rock-solid organization has in store for you.

　　What we offer you:

　　Market competitive base salaries, with a yearly bonus potential at every level

　　Medical, dental, vision, life insurance, disability insurance, Paid Time Off (PTO), and leave of absences, such as parental...

　　Equal Opportunity Employer - minorities/females/veterans/individuals with disabilities/sexual orientation/gender identity