Job details

Senior DevSecOps Engineer

Get a free resume review

Vistar Media is the home of out-of-home (OOH). As a global ad tech company and the world's largest digital out-of-home (DOOH) advertising marketplace, we offer technology designed to make buying and selling OOH media easier. Our goal is simple: to help the world's marketers leverage OOH's unique ability to motivate and delight.

From strategic partnerships with major media owner networks to executing impactful campaigns with renowned global brands such as Nestlé, Porsche, Target, and Levi's, our team is filled with passionate, innovative, and collaborative problem solvers, engaging and entertaining consumers like you in the real world. Find your home in out-of-home - find your people at Vistar.

About the role:

We are seeking a Senior DevSecOps Engineer, with extensive experience in security vulnerability remediation, cloud infrastructure, and strategic planning. The ideal candidate is adept at identifying and fixing security vulnerabilities in codebases written in languages such as Python, TypeScript, Go, Java, and Scala. This role is ideal for a Software Engineer with a focus on Security, who thrives working independently and collaborating in a cross-functional environment with multiple engineering teams, leadership, and non-technical peers. This is a great opportunity to join an innovative company that prioritizes security and continuous improvement.

What you'll do:

Security & Vulnerability Management:
- Conduct code reviews, static and dynamic application security testing (SAST and DAST), and penetration testing to identify vulnerabilities and recommend remediation strategies.
- Implement automated security testing and monitoring tools to maintain a robust security posture.
Cloud Infrastructure:
- Design, deploy, and manage secure cloud infrastructure solutions.
- Integrate security best practices across cloud services and platforms.
Collaboration & Communication:
- Excel in a strong, collaborative work environment while effectively managing independent tasks.
- Provide technical guidance and mentorship to junior team members and peers.
- Collaborate with development, operations, and product teams to plan and implement security enhancements.
Security Tooling & Monitoring:
- Manage and optimize security tooling including SIEM systems, vulnerability scanning tools, and Zero Trust Architecture (ZTA) VPN solutions.
- Leverage related services to ensure comprehensive threat detection, incident response, and secure remote access.
Continuous Improvement:
- Stay updated with the latest trends, tools, and best practices in DevSecOps.
- Drive process improvements and advocate for security-first development practices across teams.

What experience we're looking for:

Bachelor's Degree in a technical field (e.g. engineering, computer science, etc.), or equivalent practical experience.
8+ years of professional work experience as a developer.
3+ years of work experience in software development and fixing security vulnerabilities in languages such as Python, TypeScript, Go, Java, and Scala.
5+ years of work experience in DevSecOps or other security-focused software development role, with a strong focus on cloud infrastructure.
Expertise in public cloud platforms (AWS - preferred, Azure, GCP, etc) and related security services.
Proficiency with security tooling including IDS, IPS, SIEM, Zero Trust Architecture (ZTA VPN), and related services.
Familiarity with automation tools, CI/CD pipelines, and containerization technologies.
Strong understanding of security protocols and technologies (TLS, HTTPS, OAuth, etc).
Deep understanding of security frameworks and compliance standards.

Who you are

Proven history of succeeding in challenging projects that have a significant impact on the organization’s overall security posture.
Thrive off opportunities for professional growth and career advancement in a fast-paced, technology-driven setting.
Enjoy a strong, collaborative work environment that values teamwork and open communication.
Excellent problem solving skills and attention to detail.
Demonstrated ability to work both independently and collaboratively in a dynamic environment.
Strong communication skills with the ability to communicate security risks and recommendations effectively to technical and non-technical stakeholders.

What we offer:

Flexible, fun start-up environment and culture
An approachable and accessible C-Suite.
Comprehensive health benefits.
401k + match.
Quarterly Lifestyle Stipend.
Unlimited PTO and summer Fridays.
Company-wide and team specific entertainment budgets for both in-person and virtual team building.
A flexible hybrid work environment, with a fully stocked kitchen, weekly catered lunches, and casual attire while in office.
Sponsored Volunteer Events and Vistar Gives Back program.
An awesome and supportive bunch of people to work with and learn from.

Recruiting fraud is a serious issue facing jobseekers. Please be aware that Vistar Media would never require personal information (such as bank account information) during the interview process. Should an employee from Vistar Media reach out to you, that communication will come from an @vistarmedia.com email address. During a typical interview process, you will have several phone, video, and/or in-person interviews with multiple Vistar Media employees before a hiring decision is made. We do not require payment from applicants for training or other costs incurred, nor do we offer compensation before hiring.

If you’re ambitious, highly driven, and interested in making an impact, Vistar is the place for you. Apply to join our team… we’ll see you out there.

Vistar Media Glassdoor Company Review

4.5

Vistar Media DE&I Review

4.3

CEO of Vistar Media

Michael Provenzano

Approve of CEO

Average salary estimate

$122500 / YEARLY (est.)

min

max

$100000K

$145000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Senior DevSecOps Engineer, Vistar Media

At Vistar Media, we're on the lookout for a seasoned Senior DevSecOps Engineer to join our energetic team in Philadelphia. As a leading force in digital out-of-home advertising, our mission revolves around making the experience of buying and selling OOH media seamless for marketers. In this role, you'll become an integral part of our efforts to ensure top-notch security within our innovative products. Your day-to-day will involve conducting thorough code reviews, implementing automated security testing, and managing our secure cloud infrastructure. With your deep knowledge in languages like Python, TypeScript, Go, Java, and Scala, you'll be strategizing ways to identify and mitigate security vulnerabilities, all while mentoring junior team members and collaborating across multifaceted teams. We're not just about securing code; we also embrace ongoing improvement, keeping you at the forefront of emerging trends in DevSecOps. Joining Vistar means you're part of a culture that's agile, collaborative, and always striving for excellence. If you're someone who thrives in a fast-paced environment, values teamwork and open communication, and hopes to make a tangible impact, we'd love to hear from you! Get ready to take your career to new heights in a company that genuinely cares about its people and their growth.

Frequently Asked Questions (FAQs) for Senior DevSecOps Engineer Role at Vistar Media

What are the key responsibilities of a Senior DevSecOps Engineer at Vistar Media?

As a Senior DevSecOps Engineer at Vistar Media, you'll be responsible for conducting security assessments including code reviews, static and dynamic application security testing, and ensuring vulnerability remediation. You'll also be tasked with designing and managing secure cloud infrastructure solutions while integrating security best practices across various platforms. Collaboration is key, as you'll work closely with other engineering teams and provide mentorship to junior developers.