DevSecOps Engineer II

• Improve the security of containerized workloads in Kubernetes by leveraging CNAPP tooling for vulnerability scanning, runtime security, and compliance reporting
• Partner with developer, DevOps, and security teams to integrate CNAPP and SIEM tools into CI/CD pipelines and infrastructure-as-code workflows
• Test and refine Kubernetes security policies to strengthen enforcement and adoption
• Support investigation and remediation of container-related security issues
• Create documentation and best practices for secure container usage and deployment
• Provide reporting and evidence to support compliance with frameworks such as PCI DSS, HIPAA, SOC 2, NIST, and ISO 27001
• Stay current with new tools and approaches to improve Kubernetes and container security
• Support DevOps needs by participating in deployments and troubleshooting developer workloads
• Participate in an on-call rotation shared across 13 engineers. Each engineer typically covers one weekday every two weeks. If your shift falls on a Friday, the on-call period extends through the weekend until Monday at 10 AM. The on-call rotation begins after 3 months of employment
  

• 2+ years of hands-on, production-level experience with Kubernetes and containerization, including running and troubleshooting workloads in production environments is required.
• Experience with on-premises k8s, a bonus.
• Familiarity with CI/CD pipelines and tooling, (Jenkins, GitLab CI, ArgoCD)
• Basic scripting and automation skills (Python, Bash); experience with Go (Golang), a bonus.
• Experience with vulnerability scanning and container security workflows (Sysdig, Trivy, or similar)
• Familiarity with CNAPP and SIEM platforms (Sysdig, Rapid7, or similar), or a strong interest in developing expertise with them
• Understanding of networking concepts (TCP/IP, DNS, load balancing, firewalls, and Kubernetes network policies)
• Familiarity with compliance frameworks (PCI DSS, HIPAA, SOC 2, NIST, ISO 27001) and how to support evidence/reporting needs
• Understanding of security fundamentals such as Secure SDLC and secure coding principles
• Strong collaboration and communication skills, with the ability to translate security requirements into practical guidance for developers
  

We offer competitive compensation and affordable benefits with flexibility and choice to meet individual and family (including Domestic Partnerships) needs, including:

·       Multiple medical, dental, and vision plan options 

·       Company-paid life insurance, short and long-term disability 

·       401(k) savings plan with company match (50% on first 6% of employee contribution) 

·       35 days total annual PTO 

·       Annual Bonus Program  

·       Paid maternity and paternity leave 

·       Relocation allowance 

·       Employee referral bonus 

·       Gym membership 

·       Technical and Professional Development stipend

We are striving to implement and sustain an inclusive and equitable work environment for all employees by sourcing underrepresented groups and continually empowering those individuals within our organization to further enrich Vail’s communication solutions. We recognize that equitable and unique individuals benefit our teams’ problem-solving, innovation, and development efforts. 

Our offices are located in Deerfield and Chicago, IL. Interviews and onboarding are conducted in our offices when possible. We observe a hybrid work format that provides employees flexibility to collaborate with team members based on business needs. 

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.