Devops Security Engineer

Job Title
Devops Security Engineer

Summary
We are seeking a highly skilled and experienced Devops Security Engineer to join our Global Information Security team. You will play a critical role in integrating security practices into every stage of our software development lifecycle, ensuring we deliver secure, compliant, and high-performing applications, aligning security posture with business objectives and meets industry standards.

A Career with Point72’s Technology Team
As Point72 reimagines the future of investing, our Technology group is constantly improving our company’s IT infrastructure, positioning us at the forefront of a rapidly evolving technology landscape. We’re a team of experts experimenting, discovering new ways to harness the power of open-source solutions, and embracing enterprise agile methodology. We encourage professional development to ensure you bring innovative ideas to our products while satisfying your own intellectual curiosity.
Our Global Information Security team’s mission is to ensure the development, implementation, and management of a comprehensive program that effectively protects the confidentiality, integrity, and availability of Point72 information assets. Our team is comprised of security professionals with expertise in a diverse portfolio of security disciplines.
What you’ll do
· Collaborate with the DevOps team to design, implement, and manage a robust DevSecOps framework for our software development pipeline, integrating security tools and processes into our CI/CD workflows to enhance the developer experience
· Champion a security-first mindset within the development team, promoting secure coding practices and providing guidance on secure development methodologies
· Create security focused DevSecOps policies and standards and provide training and awareness to the development team
· Develop Key Risk Indicators (KRIs) to track security posture across business lines, measure progress and identify outliers
· Implement and manage security testing tools and processes within the CI/CD pipeline, including static application security testing (SAST), dynamic application security testing (DAST), software composition analysis (SCA), and open source security (OSS)
· Work together with the DevOps team to automate security controls and compliance checks within the development pipeline, ensuring adherence to industry best practices and regulatory requirements
· Troubleshoot and resolve security issues throughout the software development lifecycle
· Stay abreast of emerging security threats, vulnerabilities, and DevSecOps best practices to continuously improve our security posture

What’s required
· 7-10 years of experience in software development, DevOps, or security engineering, with a strong focus on DevSecOps practices
· Expertise in CI/CD tools such as GitHub, Jenkins, GitLab CI/CD, Azure DevOps, or similar
· Proficiency in infrastructure-as-code tools like Terraform or CloudFormation
· Strong scripting and automation skills using Python, Bash, or similar languages
· Experience with security testing tools such as SonarQube, SNYK, Nessus, Qualys, or similar
· Familiarity with containerization technologies like Docker and Kubernetes
· Knowledge of security best practices for cloud environments (AWS, Azure, GCP)
· Understanding of security frameworks and compliance standards such as NIST CSF, ISO 27001, SOC 2
· Excellent communication and collaboration skills, with the ability to work effectively in a fast-paced, agile environment
· Strong problem-solving skills and a passion for continuous improvement in security practices
· Commitment to the highest ethical standards

We take care of our people
We invest in our people, their careers, their health, and their well-being. When you work here, we provide:
- Fully-paid health care benefits
- Generous parental and family leave policies
- Volunteer opportunities
- Support for employee-led affinity groups representing women, people of color and the LGBT+ community
- Mental and physical wellness programs
- Tuition assistance
- A 401(k) savings program with an employer match and more

About Point72
Point72 Asset Management is a global firm led by Steven Cohen that invests in multiple asset classes and strategies worldwide. Resting on more than a quarter-century of investing experience, we seek to be the industry’s premier asset manager through delivering superior risk-adjusted returns, adhering to the highest ethical standards, and offering the greatest opportunities to the industry’s brightest talent. For more information, visit www.Point72.com/working-here.

The annual base salary range for this role is $220,000-$260,000 (USD) , which does not include discretionary bonus compensation or our comprehensive benefits package. Actual compensation offered to the successful candidate may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level, among other things.