Zillow Group’s Engineering and Development team is passionate about building and configuring secure, well-designed, automated systems for Zillow Group! These systems increase employee productivity, security, and scalability so that each person in the Zillow Group environment is equipped to perform their daily job functions. Our platforms consist of both first party and third party cloud applications to support our dynamic environment.
The Senior DevSecOps Engineer is responsible for assessing the security of applications for business-to-business initiatives, third-party relationships, outsourced solutions and vendors. Considered a highly knowledgeable individual, the application security engineer is encouraged to recommend programmatic controls, and supervise and lead secure development practices to address modern day issues. Application security engineers think like attackers, but always acts with integrity and do not abuse their privilege!
As a Senior DevSecOps Engineer, you will:
Focus on automation to aid in efficiencies with both testing and remediation of findings.
Work in tandem with developers to provide repetitive validation testing prior to production while allowing for a continuous cycle of development followed by application security assessments.
Regularly monitor the security community for public-facing security issues, as well as to learn new tactics that can be used in testing.
Use security standards and implementation configurations, as well as common security frameworks.
Prepare for and manage bug bounty programs.
Document delivery and implementation advances that meet defined service-level agreements (SLAs) and business metrics.
Train developers and junior application security engineers on weaknesses to avoid.
Highly engage in information security projects that evaluate existing security infrastructure and propose changes as defined by security leadership and architects. Additionally, deliver projects on time, within budget and in accordance with SLAs.
Work in tandem with architects, the security operations center (SOC), incident responders (when anomalous activity and host compromise occurs), and technology infrastructure and development team members.
Respond to and handle service and escalation tickets within SLA expectations.
Develop security test plans from architectural design. Identify deficiencies and make enhancements to ensure production is not impacted.
Drive security efficiencies, enabling security team members to work on more advanced tasks.
Conduct performance testing to stress the limitations of security solutions while ensuring business innovation and day-to-day processes are not negatively impacted.
This role has been categorized as a Remote position. “Remote” employees do not have a permanent corporate office workplace and, instead, work from a physical location of their choice which must be identified to the Company. Employees may live in any of the 50 US States, with limited exceptions. In certain cases, an employee in a remote-designated job may need to live in a specific region or time zone to support customers or clients as part of their role.
In California, Colorado, Connecticut, Nevada, New York City and Washington the standard base pay range for this role is $124,700.00 – $199,300.00 Annually. This base pay range is specific to California, Colorado, Connecticut, Nevada, New York City and Washington and may not be applicable to other locations.
In addition to a competitive base salary this position is also eligible for equity awards based on factors such as experience, performance and location. Actual amounts will vary depending on experience, performance and location.
5+ years of proven experience in cybersecurity, including compliance and risk management with a system and network security engineering background.
Highly technical and analytical experience, with a proven deep background (preferred 5+ years’ in addition to cybersecurity) in application programming.
Experience in threat modeling applications.
Excellence in communicating business risk from cybersecurity issues.
Proficiency in software development (Java, Python, C++, Ruby, etc.).
Solid understanding of network and web protocols.
Experience with security of intra-company and third-party APIs.
Experience with dynamic and static analysis tools.
Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
Experience with applications hosted in Amazon Web Services (AWS) or Google Compute Platform.
Experience with cryptography controls and measures to secure applications and data. Proficiency with scripting in Python, JavaScript, PowerShell, PHP or Ruby.
DevOps background in public and private clouds.
Experience with one or more of the following: ISO 27001, NIST, PCI Data Security Standard (PCI DSS), Protection Regulation (GDPR), Center for Internet Security (CIS) standards or Service Organization Controls (SOC) 2.
Working knowledge of Windows, Linux and Unix.
Zillow is reimagining real estate to make it easier to unlock life’s next chapter.
As the most-visited real estate website in the United States, Zillow® and its affiliates help movers find and win their home through digital solutions, first class partners, and easier buying, selling, financing and renting experiences. Millions of people visit Zillow Group sites every month to start their home search, and now they can rely on Zillow to help make it easier to move. The work we do is helping people move from dreaming to transacting — and no matter what job you’re in, you will play a critical role in making this vision a reality.
Our efforts to streamline the real estate transaction are supported by a deep-rooted culture of innovation, our passion to redefine the employee experience, a fundamental commitment to Equity and Belonging, and world-class benefits. We’re also setting the standard for work experiences of the future, where our employees are supported in doing their best work and living a flexible, well-balanced life. But don’t just take our word for it. Read recent reviews on Glassdoor and recent recognition from multiple organizations, including: the 100 Best Companies to Work For in 2022 list, Glassdoor Employees’ Choice Award, honoring the Best Places to Work in 2022, Bloomberg Gender-Equality Index 2022, Human Rights Campaign (HRC) Corporate Equity Index and Best Place to Work for LGBTQ Equality 2022, and TIME 100 Most Influential Companies list.
Zillow Group is an equal opportunity employer committed to fostering an inclusive, innovative environment with the best employees. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. If you have a disability or special need that requires accommodation, please contact us at [email protected].
Applicants who receive job offers from Zillow Group will be asked to sign a Proprietary Rights Agreement which includes confidentiality, intellectual property assignment, customer and employee non-solicitation, and non-competition provisions. If you are contacted for a role at Zillow Group and wish to review a copy of the Proprietary Rights Agreement prior to receiving an offer, you may request a copy from your Recruiter.
At BioAgilytix, we are passionate about premier science and the impact it has on our world. Our team of highly...
Apply For This Jobbr{display:none;}.css-58vpdc ul > li{margin-left:0;}.css-58vpdc li{padding:0;}]]> We are looking for multiple Help Desk/IT Product Support Representatives to join our team to...
Apply For This JobAbout the Department The Clinical, Medical and Regulatory (CMR) department at Novo Nordisk is one of the most diverse and...
Apply For This JobJob Description2023 will potentially see Sandoz become a standalone organization! Already a global market leader in Generics and Biosimilar medicine,...
Apply For This Jobbr{display:none;}.css-58vpdc ul > li{margin-left:0;}.css-58vpdc li{padding:0;}]]> Answers phone support line for IT Service Desk for initial first call resolution of incidents/requests...
Apply For This Jobbr{display:none;}.css-58vpdc ul > li{margin-left:0;}.css-58vpdc li{padding:0;}]]> Position: SharePoint Specialist Sr. Location: Hybrid/Golden, Colorado Job Description Summary: Kelly Government Solutions is in...
Apply For This Job