Principal Devsecops Engineer

Updated on 5/17/2024



1,001-5,000 employees

Digital communications capture for regulated firms

Data & Analytics
Government & Public Sector


Portland, OR, USA

Required Skills
  • Bachelor's degree in Computer Science, Information Technology, or related field
  • Minimum of 9+ years of IT experience
  • 7+ years of dedicated security experience
  • Expertise with container technologies & orchestration platforms (Docker/Kubernetes)
  • Deep expertise in network security, network technologies, & monitoring tools
  • Extensive experience in delivering security tests across CI/CD pipelines using various testing methodologies
  • Strong background in developing security practices for multiple Infrastructure-as-a-Service (IaaS) platforms
  • Thorough experience in configuration management technologies
  • Proficiency in build & packaging processes in a Linux/Java environment
  • Advanced programming & scripting skills (Python, Ruby, GO, Bash, etc.)
  • Hands-on experience in designing & implementing security solutions
  • Effective communication skills
  • In-depth understanding of cybersecurity principles, practices, & methodologies
  • Familiarity with common cyber threats, attack vectors, & vulnerabilities
  • Proficient with incident response procedures & best practices
  • Expert with vulnerability management tools & practices
  • Knowledge of cryptographic protocols & key management
  • Proficiency in scripting languages to automate security tasks
  • Dedication to staying updated with the latest security trends, tools, & techniques
  • Proficiency in creating clear & comprehensive security documentation, reports, & procedures
  • Familiarity with relevant regulations & industry standards
  • Provide expert guidance on security architecture, technologies, & best practices
  • Lead the design & implementation of complex security solutions for web applications & APIs
  • Conduct in-depth risk assessments, security reviews, & threat modeling
  • Collaborate with cross-functional teams to integrate security into the software development lifecycle
  • Define & enforce security policies, standards, & procedures
  • Lead incident response & forensic investigations for security incidents
  • Provide subject matter expertise in security-related discussions
  • Drive security automation initiatives
  • Lead red team exercises & vulnerability assessments
  • Collaborate with executive leadership to align security initiatives with business goals
  • Collaborate with legal & compliance teams to ensure adherence to privacy regulations
  • Lead the development & maintenance of incident response plans
  • Represent the organization during audits & compliance assessments
  • Lead the creation of security documentation & training materials
  • Educate developers on secure coding best practices
  • Collaborate with teams to design & implement security controls

At Smarsh, employees are at the forefront of developing and implementing cutting-edge digital communication preservation technologies for some of the most regulated industries, including top financial and governmental entities. This focus on crucial and sophisticated technologies offers employees the chance to work in a dynamic environment that is pivotal in managing regulatory and reputational risks. Working at Smarsh means being part of a team that supports major global clients in navigating complex compliance landscapes, providing a unique and valuable experience in the industry.

Company Stage

Series D

Total Funding



Portland, Oregon



Growth & Insights

6 month growth


1 year growth


2 year growth