AbbVie
Senior DevSecOps Engineer (Remote)
AbbVie is looking for a
Senior DevSecOps Engineer
to join our Information Security team. The role involves the implementation and administration of application security tooling, integration of scanning into CI/CD pipelines, and building automated finding management technologies to facilitate developer remediation activities.
Base pay range $106,500.00/yr - $202,500.00/yr
Responsibilities
Implement and maintain Application Security Testing (AST) tools (SAST, DAST, IAST, SCA, etc.) to identify vulnerabilities and configuration issues during the software development lifecycle.
Implement and maintain tools (such as Application Security Posture Management/ASPM) to centralize and deduplicate findings from multiple solutions and integrate reporting into software development workflows.
Integrate security tooling with large-scale enterprise CI/CD pipelines.
Build and manage tooling and processes to drive efficient DevSecOps operations.
Qualifications
Bachelor’s degree with 7 years experience or Master’s degree with 6 years experience or PhD with 2 years experience.
4+ years of experience in security engineering and/or DevSecOps with a focus on security process automation.
2+ years of experience implementing, administering, and supporting application security tooling such as SAST/DAST/IAST/SCA.
Experience designing, building, and optimizing CI/CD pipelines (such as GitHub Actions and Azure DevOps) for large-scale enterprise environments, including integrating security testing solutions.
Ability to effectively communicate and document technical findings to both technical and non-technical stakeholders.
Experience automating workflows via programming languages such as Python.
Preferred
Experience implementing custom or commercial solutions (such as ASPM tooling) to automate DevSecOps processes, manage scan findings, and integrate with developer workflows.
Experience implementing and maintaining container security in enterprise environments, utilizing industry-leading tools and practices for vulnerability management, image scanning, access control, and runtime protection.
Experience administering Snyk in large enterprise environments.
Experience integrating security tooling and processes with JFrog Artifactory or other artifact repositories.
Proven experience managing, storing, and distributing build artifacts at scale in enterprise environments.
Additional Information The compensation range above reflects the range of possible base pay compensation that AbbVie believes, in good faith, it will pay for this role at the time of posting. Individual compensation will depend on many factors including geographic location. Benefits include paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees, and eligibility for short-term incentive programs.
AbbVie is an equal opportunity employer and is committed to operating with integrity, driving innovation, transforming lives, and serving our community. Equal Opportunity Employer/Veterans/Disabled.
#J-18808-Ljbffr
Senior DevSecOps Engineer
to join our Information Security team. The role involves the implementation and administration of application security tooling, integration of scanning into CI/CD pipelines, and building automated finding management technologies to facilitate developer remediation activities.
Base pay range $106,500.00/yr - $202,500.00/yr
Responsibilities
Implement and maintain Application Security Testing (AST) tools (SAST, DAST, IAST, SCA, etc.) to identify vulnerabilities and configuration issues during the software development lifecycle.
Implement and maintain tools (such as Application Security Posture Management/ASPM) to centralize and deduplicate findings from multiple solutions and integrate reporting into software development workflows.
Integrate security tooling with large-scale enterprise CI/CD pipelines.
Build and manage tooling and processes to drive efficient DevSecOps operations.
Qualifications
Bachelor’s degree with 7 years experience or Master’s degree with 6 years experience or PhD with 2 years experience.
4+ years of experience in security engineering and/or DevSecOps with a focus on security process automation.
2+ years of experience implementing, administering, and supporting application security tooling such as SAST/DAST/IAST/SCA.
Experience designing, building, and optimizing CI/CD pipelines (such as GitHub Actions and Azure DevOps) for large-scale enterprise environments, including integrating security testing solutions.
Ability to effectively communicate and document technical findings to both technical and non-technical stakeholders.
Experience automating workflows via programming languages such as Python.
Preferred
Experience implementing custom or commercial solutions (such as ASPM tooling) to automate DevSecOps processes, manage scan findings, and integrate with developer workflows.
Experience implementing and maintaining container security in enterprise environments, utilizing industry-leading tools and practices for vulnerability management, image scanning, access control, and runtime protection.
Experience administering Snyk in large enterprise environments.
Experience integrating security tooling and processes with JFrog Artifactory or other artifact repositories.
Proven experience managing, storing, and distributing build artifacts at scale in enterprise environments.
Additional Information The compensation range above reflects the range of possible base pay compensation that AbbVie believes, in good faith, it will pay for this role at the time of posting. Individual compensation will depend on many factors including geographic location. Benefits include paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees, and eligibility for short-term incentive programs.
AbbVie is an equal opportunity employer and is committed to operating with integrity, driving innovation, transforming lives, and serving our community. Equal Opportunity Employer/Veterans/Disabled.
#J-18808-Ljbffr