DevSecOps Engineer

About The Position:

We’re looking for an experienced DevSecOps Engineer to join our team and verify that our cloud environments and CI/CD flows are secured and structured according to best practices.

As a SecDevOps Engineer, you’ll lead Elementor’s security efforts around our dynamic and fast-paced production environments. You’ll define and create operation tools and processes, and play a hands-on role in directly impacting work across all R&D flows.

Responsibilities:

• Secure and monitor live production environments
• Perform security drilldowns and investigations
• Act as a subject matter expert and manage security incidents across all organizational environments
• Implement monitoring and alerting procedures and mechanisms
• Design and implement automation processes for security monitoring and incident response-related flows
• Design, implement, and develop security solutions according to R&D/production needs
• Work with Elementor’s R&D teams and architects to design, enhance, and implement best-of-breed security topologies
• Identify new security threats, and trends by conducting continuous monitoring, vulnerability assessments, and log analyses
• Conduct regular internal and external security assessments, vulnerability scans, and penetration testing of systems and applications to identify and remediate security weaknesses and threats
• Manage Elementor’s bug bounty program
• Maintain documentation of security processes, procedures, and configurations
• Generate regular reports on security metrics, compliance, and incident response activities for management and stakeholders

Requirements:

• 3+ years of hands-on DevOps experience in a cloud environment
• 1+ years of relevant industry experience in security, with a solid knowledge of information security principles and practices
• In-depth understanding and proven experience in security monitoring and analytics
• AppSec - Knowledge of SSDLC best practices around application security
• Strong understanding of cybersecurity and network principles

Advantages:

• Solid understanding of GCP security-related services
• Solid understanding of security/operations infrastructure
• Experience with Kubernetes, containers, and serverless security
• Experience with large-scale cloud infrastructures and services
• Experience integrating security into CI/CD pipelines
• Experience leading integration processes for SIEM systems
• Experience with incident response (IR) attacks and mitigation methods
• Experience building tools and processes using Python or Go to address security-related needs
• Experience running forensic investigations
• Experience with penetration testing or security research

What do we do?

Elementor is the leading website-building platform for WordPress professionals.

Our vision is to empower web creators - developers, designers, and marketers, with the ability to create their future one pixel at a time. We provide our users with everything they need to succeed.

A new website is created every 10 seconds using Elementor!

Since we launched in Israel in 2016, we have expanded to more than 180 countries, with more than 13M websites powered by Elementor. More than 10% of all websites around the world are built using Elementor!

How do we do it?

At Elementor, we’re building the future of web creation.

We believe in empowering our employees and our users, enabling people to grow.

Creativity, professionalism, curiosity, motivation, and friendship are the driving force behind our journey, and we take great pride in the people of Elementor who lead the company’s constant scaling.