Careers

DevSecOps Engineer

At Hugo, the DevOps team is tasked with supporting day-to-day operation and maintenance of the Hugo Health platform. Creativity and ingenuity are key to this role. The problems we solve help deploy the software faster and safer, while making the underlying infrastructure stronger and more reliable. Pipelines, infrastructure-as-code, repository branching strategies, and guiding the teams concerning best practices are just some of the things we are tasked with.  When we do our jobs successfully, no one ever sees the work we’ve done. 

The DevSecOps role on this team will be responsible for taking these job duties on step further. The ideal DevSecOps candidate would be comfortable with API security, AWS security, implementing AWS tools to automate the process of monitoring and remediating security issues, and alerting on issues that can’t be automatically remediated. This candidate would also be comfortable in Kubernetes, implementing policies that ensure the cluster and the workloads hosted follow security best practices.

Our platform is comprised of microservices, making it a great fit for Kubernetes. We deploy these APIs and apps using tools such as Terraform and Ansible. Pipelines are key to keeping the code flowing from developers to production and Azure DevOps has been chosen to perform this duty. Metrics will give us insight into how well things are going and performing team analysis such as value stream mapping will give us the data to identify and eliminate waste. 

 The ideal DevSecOps candidate would have a firm grasp on core DevOps concepts and be an advocate of Agile methodologies, knowing how to implement them throughout the entire SDLC. They would understand the benefits of CI/CD and can identify ways to improve the overall flow of code. Must be comfortable working on your own on basic DevOps tasks. They must also be familiar with the tools of the trade such as Kubernetes, Docker, Terraform, and AWS. Security is also very important to our platform, so an understanding of the tools provided by AWS along with knowledge of third-party tools such as Anchore will help candidates really stand out. Because Hugo is a remote company, strong time management and written communication skills are essential to success in this role. The ideal candidate would be comfortable explaining complex subjects and procedures to team members through chat or Zoom calls.

Who are we looking for?

  • Organized and analytical, adept at working in a high-performing team environment, able to follow a project schedule, have a continuous improvement mindset and are capable of handling multiple priorities concurrently.

  • Someone who is always asking "How can we do this better? How can we improve? How can we make sure this never happens again?" and does not lean on the status-quo.

What you will do

  • Create and maintain pipelines in Azure DevOps

  • Create and maintain Git repositories in Azure DevOps

  • Manage repository and pipeline permissions

  • Write Infrastructure-as-Code to deploy both current and new apps

  • Manage AWS Organization and child accounts

  • Manage users within AWS

  • Manage security in AWS using GuardDuty, Dome9, and other tools.

  • Implement container scanning tools such as Anchore and Harbor

  • Work with development team to implement security best-practices for APIs

  • Write network policies for Kubernetes

  • Use Istio to monitor traffic into and inside Kubernetes cluster

  • Monitor health of Kubernetes clusters, identifying issues and suggesting changes to keep the platform healthy

  • Assist developers with creating and managing Docker images for the APIs and apps they develop

  • Analyze pipelines to identify areas of where we can gain performance

  • Deploy monitoring tools to Kubernetes such as Prometheus and Grafana

  • Design governance strategies to enforce cloud resource policies

  • Strong Bash skills

  • Familiar with programming languages (Node.js, Python)

  • Implement artifact repository

  • Desire to continue learning about new technologies and methodologies

  • Assist development team with issues that arise

  • Work closely with QA team to develop testing strategies

  • Troubleshoot and fix production issues as needed

  • Work with a remote team across multiple time zones

  • Document systems, IaC, and governance polices

Desired Skills

  • Bash/Linux environment

  • Azure DevOps

  • Terraform

  • Git

  • AWS

    • ECR

    • EKS

    • S3

    • IAM Roles and Policies

    • GuardDuty

    • Dome9

    • CloudWatch

    • CloudTrail

    • Organizations

    • Docker

  • Basic networking

  • Security Automation

  • HTTP protocol

  • Nginx

  • TLS/SSL implementation

  • Cert-manager

  • Strong communication skills (written and verbal)

  • Prometheus/Grafana Monitoring and Alerting

  • Kubernetes resource management

  • Multi-AZ redundancy strategies

  • Application ingress filters/rules

Minimum Requirements

  • 1 year experience in a DevSecOps role

  • Experience with API Security

  • Familiarity with AWS Cloud Security

  • Container Security

  • Kubernetes Best Practices

 Preferred Requirements

  • 2 years experience in a DevSecOps role

  • Relevant Security Certifications

  • AWS Certified Associate in any of the 3 disciplines

Education

  • Bachelor’s degree in CS or equivalent work experience

Resumes may be sent to Casey Gager