Senior DevSecOps Engineer
Wellington, New Zealand
A bit more about us
Arlo is an award-winning global business with our HQ in Wellington, New Zealand and offices in the UK and Canada.
We believe that human interaction is still at the heart of effective learning. Blending that philosophy with the latest elearning tech, Arlo is fast becoming the preferred solution of choice for commercial training providers globally.
Arlo has been developed as the definitive tool to run a training operation, helping our clients save time, grow sales and transform the way their training is delivered. With customers in over 70 countries and processing over $1B since conception, Arlo is the realisation of that vision.
While our customers are as critical to our success as we are to theirs, our people are the heart and soul of Arlo. We aren’t just a group of people who work together. We connect and care about each other. We have fun and we work through the challenges together. We are committed to providing an excellent working environment that supports a balance between work, family and personal life while still driving productivity and connection.
What you’ll do
As a DevSecOps Engineer at Arlo, you will maintain, secure, and automate Arlo’s development processes, systems, and cloud infrastructure. You will monitor and maintain Arlo’s production systems; design, implement and maintain CI/CD pipelines for test automation and deployments; support and facilitate engineering team processes with a focus on security (including code reviews); and evangelise the DevSecOps culture.
You will be responsible for:
- Ongoing monitoring of Arlo’s production architecture, checking for performance, compliance and security.
- Maintaining and improving the infrastructure within the cloud environment with a focus on access control, network security, uptime, and utilising automation tools.
- Implementing network monitoring, analysis, troubleshooting and configuration control technologies.
- Identifying and deploying cybersecurity measures by continuously performing vulnerability assessments, risk management, and participating in regular review meetings as part of security compliance.
- Developing software and software security guidance including best practices, secure coding checklists, reusable code.
- Implementing security testing processes and tools within development, and integrating security into a CI/CD pipeline.
- Mitigating application vulnerabilities through software best practices and IaC (Securing Network Protocols, OWASP, CIS controls)
- Triaging vulnerabilities discovered by our scans, pentests, disclosures from security researchers, and helping remediate them on a timely basis.
- Working to resolve issues and problems with systems and software, coordinating incident responses, performing root cause analysis, and implementing mitigating actions.
- Continuously improving Arlo’s DevSecOps processes, including investigating and recommending new technologies and frameworks, and implementing changes to our existing technologies and infrastructure.
- Participating in design and code reviews to verify and validate changes to software code related to infrastructure, security, or deployment processes.
- Mentoring the development team on best practices and improving automation of manual development processes.
- Working with the CTO and other stakeholders to plan the evolution of software and IT systems.
- Working with the CISO to help define and implement the Security and Privacy Continuous Improvement Plan for the Arlo platform.
- Staying on top of industry best practices and trends, as well as changes to compliance requirements.
- Participating in our rotating 24/7 on-call roster, ensuring the health and reliability of our platform.
Experience & Capabilities
- At least 5 years development experience
- Experience working in an AWS environment, using Infrastructure as Code (IaC) tools such as Terraform or CloudFormation.
- Experience working with Azure DevOps build and release pipelines.
- Experience with SRE (Site Reliability Engineer) responsibilities, managing a production system and diagnosing/fixing the various problems that occur in those systems.
- Experience working with security and compliance processes and monitoring tools, including application security testing, code package dependency and OSS scanning tools.
- Experience working closely in engineering teams, participating in design and code review processes from a DevSecOps and security perspective, and cutting code when necessary.
- Experience working with a Microsoft deployment stack, including .NET, Windows Server, IIS, SQL Server.
- Solid understanding of networking services and concepts, including hands-on troubleshooting experience.
Nice to have (but not essential) experience with:
- Azure Application Insights
- Microsoft Sentinel
Skills & experience
- Educated to degree level preferred but not essential.
- Strong analytical skills, with the ability to translate data into insights.
- Creation of cloud environments using IaC tools.
- Experience with scripting and cross-platform integrations, cloud APIs, service/web hooks.
- Creating pipelines and deploying applications to a cloud environment.
- Creating and maintaining programmatic and technical documentation.
- Reporting and mitigation of security vulnerabilities.
- Excellent communication and interpersonal skills.
- Comfort in a startup environment where you need to move quickly and wear many hats.
- Results-driven mentality, self-motivated, enthusiastic and with a “can do” attitude.
What we can offer you
As well as a competitive salary and the typical perks you’d expect from a tech company (free soft drinks, flash coffee machine, fresh fruit and on-site massages), one of the best things about Arlo is our people. You’ll join an inclusive, diverse and supportive team with talented people from across the globe.
We also have:
- A flexible and hybrid working environment
- A brand new office on the Petone office – coming soon!
- Birthday leave
- Career opportunities with a strong record for promoting internally
- Access to Perkbox employee benefits platform
- Free flu jabs
- Access to EAP
- Employee referral bonuses
Please apply now with your CV and a cover letter letting us know a bit about you and what you would bring to the role. We are reviewing applications as we go, so apply today.