DevSecOps Engineer (Security Team)
We are Semrush, a global IT company developing our own product – a platform for digital marketers.
The Security Team is looking for a new colleague for the position of DevSecOps engineer.
Tasks in the role
Duty (we have several systems that send us alerts), we can’t do without it yet, but we try very hard to minimize the time required for duty through an adequate approach, automation, and good runbooks.
Tasks related to PCI DSS compliance (we have been audited for several years, but there is always a routine + desire to make things even better).
Creation of correlation rules in SIEM, alerts for the rule and response runbooks.
Analyzing and creating security policy for k8s.
Forming requirements and auditing GCP infrastructure for new services.
Integrating new analysis tools into CI/CD.
There are no clear frameworks in the group, all initiatives/improvements/development of systems are discussed, and a roadmap with success criteria is formed. We try not to limit ourselves in the scopes of decisions we choose, we like reasoned arguments, and we always help each other :).
Who we are looking for
Linux administration experience.
Good knowledge of networks.
Automation/programming skills (Bash, Python/Go/PHP).
Understanding of the basics of safety.
Understanding of CI/CD.
They say there are no perfect candidates, but that might well be you, if
Knowledge of GCP.
Ability to work with docker/k8s.
Understanding of DevOps/DevSecOps practices.
The ability to build communication with colleagues from dev teams.
Infrastructure auditing/pentesting skills.
A bit about the team
The group currently consists of three specialists, and we are engaged in the provisioning and development of infrastructure security in the company. Our team has big plans and ambitions. We try to make all decisions jointly. We are missing a colleague who likes to solve complex tasks, who is ready to explore and create new things, who is not afraid to look at the backlog sometimes.
We have several projects underway
Work with the team to develop security practices in GCP and k8s (focus on Policy as Code).
Participate in architecture reviews and audits of new services in terms of infrastructure security.
Integrate security controls with CI/CD.
Develop and help dev teams implement secure secret storage practices (Vault/GCP secret manager).
Participate in the development of an existing SIEM security incident detection and response system based on Splunk ES.
We also have many plans that have yet to be discussed and implemented. There is an opportunity to offer your vision of how we can improve infrastructure security and what opportunities there are for automation.
What challenges you will have to face
We have a very flexible approach, and we always try to find a compromise between the necessary tasks and the interesting ones. We try to set aside a little more time to be able to work through the task well, document everything important, and, if necessary, conduct research.
We will try to create all the right conditions for you to work and rest comfortably
Flexible working day start.
Breakfast, snacks, and coffee at the office.
Multi-sport card and compensation for hobby expense (Employee+Family).
Training, courses, conferences.
English and Czech courses.
Gifts for employees.
Employee Stock Purchase Program.
Finally, a little more about our company
Semrush is a leading online visibility management SaaS platform that enables businesses globally to run search engine optimization, pay-per-click, content, social media and competitive research campaigns and get measurable results from online marketing.
We've been developing our product for 13 years and have been awarded G2's Top 100 Software Products, Global and US Search Awards 2021, Great Place to Work Certification, Deloitte Technology Fast 500 and many more. In March 2021 Semrush went public and started trading on the NYSE with the SEMR ticker.
10,000,000+ users in America, Europe, Asia, and Australia have already tried Semrush, and over 1,000 people around the world are working on its development. The Semrush team is constantly growing.
Our new colleague, we are waiting for you!
Semrush is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate based upon race, religion, creed, color, national origin, sex, pregnancy, sexual orientation, gender identity, gender expression, age, ancestry, physical or mental disability, or medical condition including medical characteristics, genetic identity, marital status, military service, or any other classification protected by applicable local, state or federal laws. All employment decisions are based on business needs, job requirements, merit, and individual qualifications.
Talent Acquisition Specialist