Job Description
Overview:
At Zebra, we are a community of innovators who come together to create new ways of working. United by curiosity and a culture of caring, we develop smart solutions that anticipate our customer’s and partner’s needs and solve their challenges.
Being part of Zebra Nation means you are seen, heard, valued, and respected. Drawing from our unique perspectives, we collaborate to deliver on our purpose. Here you are part of a team pushing boundaries today to redefine the work of tomorrow for organizations, their employees, and those they serve.
You’ll have opportunities to learn and lead in a forward-thinking environment, defining your path to a fulfilling career while channeling your skills toward causes you care about—locally and globally.
Come make an impact every day at Zebra.
What We're Looking For:
This is a mid-to-senior level DevSecOps Engineer role focused on embedding and automating security throughout the software development lifecycle (SDLC). The primary objective is to build secure CI/CD pipelines, manage vulnerabilities, and foster a "security-first" culture across development and operations teams. The ideal candidate will have strong expertise in Google Cloud Platform (GCP), containerization, and scripting, bridging the gap between infrastructure automation and regulatory compliance.Key Responsibilities:
- Security Integration: Integrate security practices into the DevOps pipeline, ensuring that security is considered at every stage of the software development lifecycle.
- Automation: Develop and maintain automated security testing tools and scripts to identify vulnerabilities early in the development process.
- Collaboration: Work closely with development, operations, and security teams to promote a DevSecOps culture and ensure secure coding practices are followed.
- Risk Management: Identify, assess, and prioritize security risks and work with teams to mitigate them.
- Compliance: Ensure that the DevSecOps processes comply with relevant security standards and regulations (e.g., ISO 27001, NIST, GDPR).
- Incident Response: Assist in the development and implementation of incident response plans and conduct security drills to ensure readiness.
- Monitoring and Reporting: Implement continuous monitoring solutions to detect and respond to security incidents and generate reports for management and stakeholders.
- Training and Awareness: Conduct training sessions to raise awareness about security best practices among development and operations teams.
- Tool Management: Evaluate, implement, and manage security tools for vulnerability scanning, code analysis, and security monitoring.
- Documentation: Maintain comprehensive documentation of security policies, procedures, and incidents.
Required Qualifications:
- Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- Experience:
- Minimum of 5 years of experience in DevOps, DevSecOps, or a related field.
- Proven experience with CI/CD tools (e.g., Jenkins, GCP Deployment manager).
- Strong understanding of security principles and practices, including threat modeling and vulnerability management.
- Technical Skills:
- Proficiency in scripting languages (e.g., Python, Bash, PowerShell).
- Experience with GCP cloud platforms.
- Familiarity with security tools (e.g., Nucleus , Orca).
- Knowledge of containerization and orchestration tools (e.g., Docker, Kubernetes, CloudRun).
- Certifications: Relevant certifications such as GCP or AWS Certified Security are preferred.
- Soft Skills:
- Excellent problem-solving and analytical skills.
- Strong communication and interpersonal skills.
- Ability to work collaboratively in a fast-paced environment.
Preferred Qualifications:
- Experience with Infrastructure as Code (IaC) tools such as Terraform or CloudFormation.
- Knowledge of microservices architecture and related security challenges.
- Understanding of Zero Trust security models and practices.
Benefits:
We understand the importance of work-life balance and wellbeing, which is why we offer flexibility for our teams including: hybrid work, adaptable hours, Summer Flex Fridays, Focus Fridays, and an annual companywide well-being day to promote revitalization and success.
Job Posting Statement:
To protect candidates from falling victim to online fraudulent activity involving fake job postings and employment offers, please be aware our recruiters will always connect with you via @zebra.com email accounts. Applications are only accepted through our applicant tracking system and only accept personal identifying information through that system. Our Talent Acquisition team will not ask for you to provide personal identifying information via e-mail or outside of the system. If you are a victim of identity theft contact your local police department.
AI Technology Statement:
Zebra Technologies leverages AI technology to evaluate job applications using objective, job-relevant criteria. This approach enhances efficiency and promotes fairness in the hiring process. However, every decision regarding interviews and hiring is made by our dedicated team, because we believe people make the best decisions about people. For more on how we use technology in hiring and how we process applicant data, see our Zebra Privacy Policy.