Expert DevSecOps Engineer - Elevate Platform

Requisition ID # 164814 

Job Category: Information Technology 

Job Level: Individual Contributor

Business Unit: Information Technology

Work Type: Hybrid

Job Location: Oakland

Department Overview

Information Systems Technology Services is a unified organization comprised of various departments which collaborate effectively in order to deliver high quality technology solutions.

Position Summary

We are seeking an experienced and proactive DevSecOps Engineer to join our Cybersecurity Application Platform Security Team to secure our Geographic Information Systems (GIS) applications as a part of large business transformation effort – Elevate. The ideal candidate will have hands-on experience with cybersecurity platforms, with a deep understanding of cloud security (especially AWS), strong experience with DevSecOps practices, and an understanding of GIS applications to operate the environment securely, enhance security posture, secure CI/CD pipelines and continuously bake-in security and compliance

The ideal candidate will be passionate about security, have a proactive mindset, and be able to balance security requirements with business needs. They should be comfortable working in a fast-paced environment and be able to adapt to evolving security threats and technologies

This position is hybrid, working from your remote office and your assigned work location based on business need. The assigned work location will be within the PG&E Service Territory. 

PG&E is providing the salary range that the company in good faith believes it might pay for this position at the time of the job posting. This compensation range is specific to the locality of the job. The actual salary paid to an individual will be based on multiple factors, including, but not limited to, specific skills, education, licenses or certifications, experience, market value, geographic location, and internal equity. Although we estimate the successful candidate hired into this role will be placed between the entry point and the middle of the range, the decision will be made on a case-by-case basis related to these factors.

This job is also eligible to participate in PG&E’s discretionary incentive compensation programs.

A reasonable salary range is:

Bay Area Minimum: $132,000.00
Bay Area Maximum: $226,000.00

Job Responsibilities

• Work with Elevate (GIS) teams to bake-in security controls part of design and implement secure AWS architectures for GIS applications
• Provide security best practices for implementing COTS software such as ArcGIS in AWS.
• Implement and maintain robust security measures & DevSecOps Framework (SHIELD) throughout every phase of development, from planning to deployment and maintenance across CI/CD pipeline. (‘Secure by design’, ‘Secure by default’)
• Implement security policy-as-code (PaC) & Compliance-as-Code (CaC) and integrates continuous security testing within CI/CD pipelines
• Report on DevSecOps specific security metrics, KPIs, KRIs to track progress and demonstrate the value of security investments aligning with IT, Cyber L1, L2s.
• Partner with SIOC team to perform code reviews and static analysis to identify security vulnerabilities
• Validate Identity and Access Management (IAM) policies and roles
• Secure data at rest and in transit using AWS encryption services
• Work with stakeholders to implement network security measures, including VPCs, security groups, and NACLs
• Stay updated on emerging threats, vulnerabilities, and security trends related to AWS, Azure and DevSecOps practices.
• Promote cybersecurity awareness among developers and stakeholders.
• Foster a security-first mindset across Elevate application platform teams, promoting shared responsibility for cybersecurity (lead by cyber, owned by all).

Qualifications

Minimum:

• Bachelor’s degree in computer science, Information Security, or a related field (or equivalent experience).
• 8 years of experience in IT security, with at least 3 years focused on DevSecOps, DevOps or Security Engineering roles

Desired:

• Experience with CI/CD tools (e.g., Jenkins, GitLab CI, or AWS CodePipeline)
• Knowledge of container technologies and orchestration platforms (e.g., Docker, Kubernetes)
• Familiarity with infrastructure-as-code tools (e.g., Terraform, CloudFormation)
• Understanding of security standards and frameworks (e.g., NIST CSF)
• Excellent communication and collaboration skills
• Familiarity with the shared responsibility model in cloud environments (AWS, Azure) and hybrid cloud deployments.
• CISSP, CISM, or DevSecOps-specific credentials are a plus.
• Strong analytical and problem-solving skills with excellent communication and teamwork abilities.
• Relevant security certifications (e.g., AWS Certified Security - Specialty, CISSP, CEH)
• Experience with GIS-specific security challenges and solutions
• Knowledge of multi-cloud and hybrid cloud security architectures
• Familiarity with compliance requirements in the GIS industry

Preferred Technical Skills:

• Experience with scripting languages (e.g., Python, PowerShell) for automation of security tasks.
• Knowledge of container security (Docker, Kubernetes)
• Familiarity with secure software development lifecycle (SDLC) practices.

Soft Skills  

• Excellent Communication Skills: Ability to clearly articulate security concepts to diverse audiences, including engineers, product managers, and executives.  
• Collaboration & Influence: Proven ability to work cross-functionally with teams to align on security priorities and influence roadmaps.  

#featuredjob