Development, Security & Operations Engineer

At Ziply Fiber, our mission is to elevate the connected lives of our communities every day. We are delivering the fastest home internet in the Northwest, with a focus on areas traditionally underserved by mainstream internet companies. And as our state-of-the-art fiber network expands in WA, OR, ID and MT, so does our need for team members who can help us grow and realize our goals.

We may be building internet, but we are reaching real people. We strive to build relationships and provide customers and communities with refreshingly great experiences.

We emphasize our values in all our interactions:

Genuinely Caring: Our customers and colleagues are people, and quite possibly our neighbors. We put ourselves in their shoes and give them our full attention.

Empowering You: We empower our customers to choose the products that best meet their needs, and we support our employees to implement solutions that elevate the experiences of our customers and coworkers.

Innovation and Improvement: We always look for ways to make the experiences of our customers and each other better.

Earning Your Trust: We earn trust by communicating simply and transparently as real people, not as a corporation.

Job Summary

Applicants must be currently authorized to work in the US for any employer. Sponsorship is not available for this position.

The Development, Security, & Operations Engineer is responsible for integrating security into all stages of the software development lifecycle. This role involves designing, implementing, and maintaining security controls across applications and infrastructure while collaborating with development, operations, and security teams. The ideal candidate will ensure secure coding practices, continuous security monitoring, and compliance with industry standards.

Essential Duties and Responsibilities:

The Essential Duties and Responsibilities listed below are a range of duties performed by the employee and not intended to reflect all duties performed.

• Develop and implement security best practices across CI/CD pipelines.
• Automate security scanning and testing to identify vulnerabilities early in the development process.
• Automate security scanning processes, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA).
• Collaborate with development teams to ensure secure coding practices in Angular, React, NodeJS, and .NET applications.
• Configure and manage GitLab for secure source code repository management and version control.
• Implement security measures in Jenkins and Azure DevOps to ensure safe and efficient CI/CD workflows.
• Utilize VS Code for secure coding and development best practices.
• Manage security configurations and monitoring tools such as Grafana and Kibana.
• Integrate and support security compliance in JIRA for project tracking and development workflows.
• Utilize FIGMA to assess and secure application designs before implementation.
• Implement logging, monitoring, and alerting solutions to detect and respond to security incidents.
• Conduct security assessments and vulnerability scans across applications and infrastructure.
• Stay up to date with emerging security threats and industry trends, applying relevant security measures proactively.
• Provide guidance and training to development and operations teams on security best practices.
• Performs other duties as required to support the business and evolving organization.

Qualifications:

• Bachelors of Science degree in Computer Science, Information Technology, Cybersecurity, or a related technical discipline required.
• Certified Ethical Hacker (CEH) or equivalent security certification required.
• Minimum of five (5) years of experience in DevSecOps, security engineering, or a related cybersecurity role, with a demonstrated ability to secure development pipelines and integrate security into the software lifecycle required.
• In-depth understanding of secure software development lifecycle (SDLC) principles and methodologies.
• Minimum of three (3) years of hands-on experience implementing and managing container security for Docker and Kubernetes (K8s) required.
• Minimum of three (3) years experience utilizing industry-standard security tools for vulnerability scanning, static and dynamic code analysis, and penetration testing required.
• Proficient in front-end and back-end programming languages with at least three years of experience in Angular, React, NodeJS, and .NET.
• Minimum of three (3) years experience developing and maintaining security automation using scripting languages such as PowerShell, Python, Bash, or YAML required.
• Minimum of three (3) years of in-depth experience integrating security controls within CI/CD pipelines using tools such as GitLab and Jenkins required.
• Minimum of two (2) years of experience using monitoring and logging tools such as Grafana and Kibana for observability and threat detection required.
• Minimum of two (2) years experience using tools like JIRA for secure project tracking and FIGMA for secure design collaboration and implementation required.
• Minimum of three (3) years of experience designing and deploying Infrastructure as Code (IaC) security policies using Terraform, Ansible, or AWS CloudFormation required.
• Strong analytical and troubleshooting skills, with a proven ability to identify, assess, and resolve complex security issues.
• Demonstrated ability to communicate effectively with cross-functional teams and stakeholders, including writing and presenting technical security documentation and policies.

Knowledge, Skills, and Abilities:

• Strong organizational, multi-tasking, and prioritizing skills.
• Ability to work independently and apply sound judgment to various situations.
• Ability to work within critical deadlines and collaborate effectively with cross-functional teams.
• Excellent verbal and written communication skills.

Work Authorization

Applicants must be currently authorized to work in the US for any employer. Sponsorship is not available for this position.

Physical Requirements

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Essential and marginal functions may require maintaining physical condition necessary for bending, stooping, sitting, walking, or standing for prolonged periods of time; most of time is spent sitting in a comfortable position with frequent opportunity to move about. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by the job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus.

Work Environment

Work is performed in an office setting with exposure to computer screens and requires extensive use of a computer, keyboard, mouse, and multi-line telephone system. The work is primarily a modern office setting.

At all times, Ziply Fiber must be your primary employer. Unless otherwise prohibited by law, employees may not hold outside employment nor be self-employed without obtaining approval in writing from Ziply Fiber. In holding outside employment or self-employment, employees should ensure that participation does not conflict with responsibilities to Ziply Fiber or its business interests.

Diverse Workforce / EEO

Ziply Fiber is an equal opportunity employer. Ziply Fiber will consider all qualified candidates regardless of race, color, religion, national origin, gender, age, marital status, sexual orientation, veteran status, and the presence of a non-job-related handicap or disability or any other legally protected status.

Ziply Fiber requires a pre-employment background check as conditions of employment. Ziply Fiber may require a pre-employment drug screening.

Ziply Fiber is a drug free workplace.