Skip to main content

DevSecOps Specialist

Security

Job Summary :

Equifax is looking for a DevSecOps Specialist for Equifax Workforce Solutions.  In this Information Security Office role, partnering with our Technology Teams, you will ensure that the proper security controls are built into every phase of the product development process, that these controls are effective, and that the Security and Technology teams increase in efficiency, scale, and maturity together over time.  This person must be able to work from our Saint Louis, MO Office location.

   

What you'll Do :  

  • Engage directly with our development teams, guiding their technical leaders in performing security responsibilities, growing their proficiency, and validating their work.  

  • Responsible for security focused implementations and improving the security profile of your given area of responsibility.

  • Function as our expert in evaluating risk and determining remediation strategies for security issues occurring in software, middleware, libraries, and other third-party dependencies.

  • Guide and evaluate development teams on proactive security practices, including but not limited to threat modeling, security analysis of use cases, and the motivations, tools, techniques, and processes of various types of adversaries

  • Lead periodic assessment of Engineering’s SSDLC competency, directly drive improvements therein, and report out to technology and security leaders .

  • Review static and dynamic code analysis tools

  • Guide teams on effective use and response to findings in the  code scanning tools.

  • Share defensive programming techniques, the OWASP Top 10, and other common software security patterns and anti-patterns with engineering teams. 

  • Engage directly with the teams on how to close software security findings (Fortify, pen tests) and implement practices that can help them avoid future findings.

  • Assist security colleagues in evaluating the business and security risk of software security vulnerabilities.

  • Suggest practical, effective, and scalable mitigation strategies for short and long term situations.

  • Create a vibrant, motivated, passionate community of senior developers, Security Champions who will be responsible for driving mature security practices among the developers and other staff in their Squads

  • Establish and grow intellectual curiosity for software security in the organization, and help management to establish effective incentives which result in more secure products and code.

  • Build relationships with senior technology leaders, seeking their feedback, building a software security program that integrates well into their established tools, workflows, and practices, realizing that the most successful change efforts empathize with the communities they affect.

  • Integrate flawlessly with the Equifax corporate product security team, who is responsible for the global software security and SSLDC programs. 

  • Consuming their products and processes, advancing the adoption of their standards into Workforce Solutions. 

What You’ll Need:

  • At least 8 years experience as a software developer and development operations, building and shipping code ( Full stack Java, C#,CI/CD, Automation)

  • 3+ yrs  of  experience in applying software security practices throughout the development lifecycle. 

  • 2+ yrs of experience in cloud-native environments.

  • 1 yr of experience working in an Agile environment

 

What can set you Apart :

  • Bachelor of Science in Computer Science, Computer Engineering, Electrical Engineering, or a related field preferred.

  • Experience in construction and delivery of solutions on the Google Cloud Platform, Azure or AWS .

  • Previous experience directly configuring and operating security controls such as WAF, SAST, DAST, API protection, authentication gateway, certificate management, etc.

  • Information security experience with a particular emphasis on application security. How to assess vulnerabilities in software, how to determine risk, how to mitigate and remediate various software vulnerabilities.

  • Engineering experience in secure development practices, such as threat modeling, development of use and abuse cases, key patterns and anti-patterns that drive secure software, successful habits, common mistakes, etc.

We offer comprehensive compensation and healthcare packages, 401k matching, paid time off, and organizational growth potential through our online learning platform with guided career tracks.

 

If this sounds like somewhere you want to work, don’t delay, apply today - we’re looking for you!

 

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Who is Equifax? 

At Equifax, we believe knowledge drives progress. As a global data, analytics and technology company, we play an essential role in the global economy by helping employers, employees, financial institutions and government agencies make critical decisions with greater confidence. ​​​​​​​ 

We work to help create seamless and positive experiences during life’s pivotal moments: applying for jobs or a mortgage, financing an education or buying a car. Our impact is real and to accomplish our goals we focus on nurturing our people for career advancement and their learning and development, supporting our next generation of leaders, maintaining an inclusive and diverse work environment, and regularly engaging and recognizing our employees. Regardless of location or role, the individual and collective work of our employees makes a difference and we are looking for talented team players to join us as we help people live their financial best. 

Working at Equifax

We believe in a growth mindset. At Equifax, this includes providing our employees opportunities to perform at their best and learn new skills along the way to inspire and build fulfilling careers.

Learn More

Laptopv2

Join our talent community

Learn about upcoming career opportunities and events at Equifax

Sign Up