DevSecOps Engineer (Cloud Security, AWS)

14 hours, 52 minutes ago
Full-time
Mid Level
DevOps and Infrastructure
Tripadvisor

Tripadvisor

Tripadvisor is the world's largest travel guidance platform, offering over a billion reviews and recommendations for hotels, attractions, restaurants, and more. Travelers rely on Tripadvisor to plan their trips, find savings on accommodations, book exp...

Consumer Services
1K-5K
Founded 2000

Description

  • Monitor, analyze, and investigate security alerts from AWS infrastructure, application logs, and security tooling.
  • Respond to security incidents affecting the Tripadvisor Experiences application, including breaches, application-layer attacks, and infrastructure compromises.
  • Triage vulnerabilities reported through the bug bounty program and other external sources.
  • Build and maintain security monitoring and alerting capabilities in the production environment.
  • Automate security operations tasks using scripting to improve detection and response times.
  • Configure, tune, and help manage security tools including WAF, AWS GuardDuty, and Security Hub.
  • Operationalize findings from SAST, DAST, and SCA tools by prioritizing and remediating vulnerabilities with engineering teams.
  • Conduct threat modeling for new features to identify and mitigate risk before production.
  • Collaborate with engineering teams on secure coding practices and secure architecture.

Requirements

  • Hands-on experience securing a production AWS environment.
  • Comfort with AWS security services such as GuardDuty, Security Hub, WAF, and CloudTrail.
  • Good understanding of core AWS services including VPC networking, EC2, RDS, S3, Lambda, and EKS.
  • Proficiency with Terraform for reading, writing, and reviewing infrastructure as code.
  • Proven experience across the full incident response lifecycle, from detection to post-mortem.
  • Proficiency in at least one scripting language such as Python, Go, or Bash.
  • Solid understanding of common web application vulnerabilities and OWASP Top 10 defenses.
  • Demonstrated ability to use AI tools to improve efficiency, quality, and decision-making.
  • Ability to operate effectively with a global-first mindset.
  • Experience with cloud-native security tools or SecOps tools is preferred.

Benefits

  • Competitive compensation with base salary and annual bonuses.
  • Remote-friendly work with flexible options to work on-site when desired or required.
  • Flexible schedule supporting work-life balance.
  • Annual donation matching.
  • Annual tuition assistance for qualified programs.
  • Annual lifestyle benefit for travel, wellness, or personal use.
  • Travel discounts and other travel perks.
  • Employee assistance program and support resources.
  • Health benefits with competitive coverage and premiums.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Oracle HCM Reporting/Cloud Developer

Accenture 100K+ Professional Services

Accenture Federal Services is hiring an Oracle HCM Reporting Developer/Cloud Developer to build and support Oracle HCM Cloud reporting and analytics for federal HR functions.

SQL
14 hours, 22 minutes ago

Security Engineer

Neuralink 251-1K Biotechnology

Neuralink is hiring a Security Engineer to protect its corporate and product environments for brain-computer interface systems, spanning both IT security operations and product security.

AWS Embedded Systems HIPAA Kubernetes Linux macOS Penetration Testing SIEM
14 hours, 37 minutes ago

Senior Cloud & Security Engineer

KPA 251-1K Professional Services

KPA is seeking a Senior Cloud & Security Engineer to own cloud infrastructure, security platforms, identity, automation, and technical modernization initiatives that improve the company’s security, scalability, and operational maturity.

AWS Azure CrowdStrike Penetration Testing PowerShell REST API Windows Server
14 hours, 52 minutes ago

Senior Software Engineer - Cloud Partner Integrations

ClickHouse 51-250 IT Services

ClickHouse is hiring a founding backend engineer to own end-to-end integrations that bring ClickHouse Cloud into customer environments and establish the technical direction for a growing team.

CI/CD ClickHouse JavaScript TypeScript
1 day, 13 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers