Planned Parenthood Federation of America Inc.

Senior Specialist, Information Security DevSecOps

Planned Parenthood Federation of America Inc., Union, New Jersey, US, 07083


Planned Parenthood is the nation’s leading provider and advocate of high-quality, affordable sexual and reproductive health care for all people, as well as the nation’s largest provider of sex education. With more than 600 health centers across the country, Planned Parenthood organizations serve all patients with care and compassion, with respect, and without judgment, striving to create equitable access to health care. Through health centers, programs in schools and communities, and online resources, Planned Parenthood is a trusted source of reliable education and information that allows people to make informed health decisions. We do all this because we care passionately about helping people lead healthier lives.

Planned Parenthood Federation of America (PPFA) is a 501(c)(3) charitable organization that supports the independently incorporated Planned Parenthood affiliates operating health centers across the U.S.

Planned Parenthood Action Fund is an independent, nonpartisan, not-for-profit membership organization formed as the advocacy and political arm of Planned Parenthood Federation of America. The Action Fund engages in educational, advocacy, and electoral activity, including grassroots organizing, legislative advocacy, and voter education.

Position: Senior Specialist DevSecOps Architecture and Engineering

This job reports directly to the Director, DevSecOps Architecture & Engineering in the Information Security division of PPFA. The Office of Information Security provides the strategy and implementation of the information security program that safeguards the data entrusted to Planned Parenthood by its patients, supporters, donors, and staff.

Purpose:

As a Senior Specialist DevSecOps Architecture and Engineering, you will work within a multi-disciplined team to provide expertise on complex systems. You'll stay up-to-date with the latest Continuous Integration/Continuous Deployment (CI/CD) security standards, systems, and authentication protocols, as well as best practice security products. You'll foster trusted partnerships and relationships with the Digital Products, DevOps, AppDev, and ITOps teams. This will require you to understand the business and its digital strategy, and to have a comprehensive awareness of its technology and information needs. You'll ultimately use this knowledge to develop and test security controls, protecting the development pipeline and supporting systems.

Key Responsibilities:

- Security Integration: Emphasize integrating security seamlessly throughout the software development lifecycle (SDLC). This includes tasks like threat modeling, vulnerability scanning, and secure coding practices.
- Automation: Highlight the engineer's responsibility for automating security processes to improve efficiency and reduce manual errors.
- Collaboration: Stress the importance of collaboration with developers, security professionals, and operations teams to foster a shared security culture.
- Compliance: Ensure adherence to security standards and regulations relevant to your industry and organization.

Delivery:

- Design, build, and manage a scalable threat modeling framework, leveraging automation to integrate application security into the CI/CD pipeline.
- Work directly with project development teams and ITOps to enable successful project implementation applying the recommended security tools, technologies, and techniques.
- Stay up to date on new tools & techniques in the information security space.
- Support an information security solution that is scalable and easy to adapt with changing business requirements.
- Support DevSecOps security solution integration with various security test tools.
- Assist with programmatic code review and penetration testing of applications to decrease potential introduction of vulnerabilities within the code.

Engagement:

- Engage with Digital Products, Applications Development, and senior-level staff within PPFA.
- Provide technical thought leadership in overall security solution development.
- Work closely with other technical teams including the ITOps and DevSecOps Architecture and Engineering.
- Collaborate with AI Community, InfoSec, and Office of General Counsel (OGC).

Knowledge, Skills, and Abilities (KSAs):

- Technical bachelor’s degree and 3+ years of industry experience or equivalent work experience.
- 2+ years of experience working with container security solutions.
- At least 2 years of experience with DevOps tool-chain (Jenkins, SonarQube, GitHub, Nexus, code quality tools) implementation and automation.
- Minimum 3 years of experience with scripting and automation.
- Minimum 3 years of experience with web application and web service implementation.
- Hands-on experience with application development is required.
- Expert knowledge of the OWASP framework and application security best practices.

Travel: Up to 10% travel on occasion.

Salary: $82,000 - $88,000 a year

Total offer package to include generous vacation + sick leave + paid holidays, medical, dental and vision benefits effective day 1, life insurance, short/long term disability, paid family leave and 401k.

We value a truly diverse workforce and a culture of inclusivity and belonging. Our goal is to attract qualified candidates and encourage applications from all individuals without regard to race, color, religion, sex, national origin, age, disability, veteran status, marital status, sexual orientation, gender identity, or any other characteristic protected by applicable law. We're committed to creating a dynamic work environment that values diversity and inclusion, respect and integrity, customer focus, and innovation.

PPFA participates in the E-Verify program and is an Equal Opportunity Employer.
