Fisher Investments
The Opportunity
It's an exciting time to be a member of the Fisher Investments Technology Department. We're investing in the future of our firm’s technology and are building our team to achieve global growth. We are looking for a Information Security Engineer (DevSecOps) to support our Corporate Systems team. If you are looking for an opportunity to make a difference as we develop scalable and strategic solutions to support our global growth, we want to hear from you!
Day-to-Day
Develop and manage the configuration, maintenance, and operations of DevSecOps related security services including GitHub Advanced Security and Terraform
Frequent interaction with all Information Security Teams, Technology, Project, and Governance teams to assist and implement Secure CICD pipeline practices, controls, and vulnerability response
Use analytical, and technical knowledge, to assess and propose cyber security risk remedies related to DevSecOps
Participate actively in development of secure coding standards, principles, architecture and standards, leveraging experience in NIST, CIS, ISO, and other international standards
Identify areas for improvement proactively and support the DevSecOps effort in standardizing processes
Contribute to the success of the Information Security DevSecOps program within the firm by supporting the various teams and customers in the implementation of good security practices
Analyze security controls and make recommendations for changes or improvements
Develop and manage initiative level artifacts, including architectural diagrams, implementation planning
Your Qualifications
5+ years of experience in Technology/Security space
2+ years IT/Information Security Infrastructure & IT Operations experience in the following areas: DevSecOps CICD Pipeline Development & Management, Vulnerability Management & Incident Response, Azure/AWS Cloud Environments, Identity & Access Management, Network Security Management, SaaS/PaaS Control Development & Management, Public Key Infrastructure Management
1-2 years DevSecOps related disciplines: Best Practices for Secure Coding in C#, Java, Python; Detection, analysis, and response of insecure code methods and vulnerable dependencies; Infrastructure as code for Azure or AWS
Why Fisher Investments We work for a bigger purpose: bettering the investment universe. We take great pride in our inclusive culture, our learning and development framework customized for every employee, and our Great Place to Work Certification. It's the people that make the Fisher purpose possible, and we invest in them by offering exceptional benefits like:
100% paid medical, dental and vision premiums for you and your qualifying dependents
A 50% 401(k) match, up to the IRS maximum
20 days of PTO, plus 10 paid holidays
Family Support programs including 8 week Paid Primary Caregiver Leave, $10,000 fertility, family forming, and hormonal health assistance, and back‑up child, adult, and elder care
This is an in‑office role. Based on your role, tenure, and performance eligibility you may have the opportunity to participate in our hybrid work from home program. This program is subject to change.
FISHER INVESTMENTS IS AN EQUAL OPPORTUNITY EMPLOYER
#J-18808-Ljbffr
Day-to-Day
Develop and manage the configuration, maintenance, and operations of DevSecOps related security services including GitHub Advanced Security and Terraform
Frequent interaction with all Information Security Teams, Technology, Project, and Governance teams to assist and implement Secure CICD pipeline practices, controls, and vulnerability response
Use analytical, and technical knowledge, to assess and propose cyber security risk remedies related to DevSecOps
Participate actively in development of secure coding standards, principles, architecture and standards, leveraging experience in NIST, CIS, ISO, and other international standards
Identify areas for improvement proactively and support the DevSecOps effort in standardizing processes
Contribute to the success of the Information Security DevSecOps program within the firm by supporting the various teams and customers in the implementation of good security practices
Analyze security controls and make recommendations for changes or improvements
Develop and manage initiative level artifacts, including architectural diagrams, implementation planning
Your Qualifications
5+ years of experience in Technology/Security space
2+ years IT/Information Security Infrastructure & IT Operations experience in the following areas: DevSecOps CICD Pipeline Development & Management, Vulnerability Management & Incident Response, Azure/AWS Cloud Environments, Identity & Access Management, Network Security Management, SaaS/PaaS Control Development & Management, Public Key Infrastructure Management
1-2 years DevSecOps related disciplines: Best Practices for Secure Coding in C#, Java, Python; Detection, analysis, and response of insecure code methods and vulnerable dependencies; Infrastructure as code for Azure or AWS
Why Fisher Investments We work for a bigger purpose: bettering the investment universe. We take great pride in our inclusive culture, our learning and development framework customized for every employee, and our Great Place to Work Certification. It's the people that make the Fisher purpose possible, and we invest in them by offering exceptional benefits like:
100% paid medical, dental and vision premiums for you and your qualifying dependents
A 50% 401(k) match, up to the IRS maximum
20 days of PTO, plus 10 paid holidays
Family Support programs including 8 week Paid Primary Caregiver Leave, $10,000 fertility, family forming, and hormonal health assistance, and back‑up child, adult, and elder care
This is an in‑office role. Based on your role, tenure, and performance eligibility you may have the opportunity to participate in our hybrid work from home program. This program is subject to change.
FISHER INVESTMENTS IS AN EQUAL OPPORTUNITY EMPLOYER
#J-18808-Ljbffr