Cybersecurity DevOps Engineer

ABOUT dataPARC

At dataPARC, we don’t just make software – we make manufacturers’ lives easier by getting information to people in a way that it can quickly be used to solve problems. Improving industrial operations is what we do, and dataPARC is how we do it.

Over the past 25 years, we’ve built a reputation for delivering the most intuitive and easy-to-use manufacturing decision support system available. Our customers love us, and many have even joined our team.

We’re a forward-thinking company, always looking for employees who bring fresh perspectives and new ideas to our space. While we’re known for our expertise in industrial analytics, we’re also a team that values diversity, inclusivity, and collaboration. If you’re dedicated to making a difference in manufacturing, we want to hear from you.

dataPARC is a division of Capstone Technology, part of the BTG Group, a subsidiary of the Voith Group.

WHY JOIN US

At dataPARC, we believe in taking care of our employees. Here are just a few of the benefits of joining our team:

  • Beautiful new office space near Portland, Oregon, just blocks from the Columbia River.
  • Hybrid work environment with fully remote option for out-of-area employees.
  • Full benefit package including medical, dental, vision, 401k, tuition assistance, paid maternity leave and more.
  • Generous vacation policy.
  • Welcoming, inclusive organization where everyone is valued and respected.
  • Compassionate leadership team that values work/life balance.
  • The opportunity to work for a respected brand in manufacturing and make a real difference in the lives of our customers.

GENERAL SUMMARY:

Cybersecurity DevOps Engineer plays a pivotal role in enhancing our organization’s cybersecurity defenses while supporting our software development operations. The primary focus of this role is to safeguard the integrity and security of our Windows and web applications, code, and deployment strategies. As a specialist in cybersecurity, you will be responsible for implementing and conducting penetration tests, maintaining secure build pipelines, and implementing robust risk management and IAM frameworks. Additionally, you will manage and optimize CI/CD pipelines, leveraging your knowledge of .NET, React, Docker, and CI/CD tools to ensure secure and efficient software delivery. The ideal candidate will bring a proactive approach to problem-solving and mentor the development team on secure practices. Your efforts will be crucial in driving operational excellence and protecting our applications and infrastructure against evolving security threats.

RESPONSIBILITIES:

  • Customer Interaction
    • Address and respond to cybersecurity-related queries and concerns from our clientele, ensuring their data security needs are met promptly
  • Penetration Testing
    • Administer regular penetration tests on our applications to identify vulnerabilities, weaknesses, and potential threats
  • CI/CD Management
    • Design, implement, and manage continuous integration and continuous delivery pipelines, ensuring swift, secure, and stable software releases
    • Regularly update and maintain pipeline configurations, scripts, and tools to reflect the latest best practices
  • Package & Docker Management
    • Administer NuGet packages and Docker images, ensuring they’re updated, secure, and free from vulnerabilities
  • Cybersecurity Process Management
    • Lead all cybersecurity-related processes within the company, ensuring that our applications and internal systems are protected against threats
    • Cybersecurity Mentorship: Guide and train the development team on best practices for secure development, ensuring they’re equipped with the latest knowledge and tools
  • Code & Deployment Review
    • Regularly dive into codebases and deployment setups, identifying areas for security and operational improvement, and implementing updates
  • Continuous Learning
    • Stay updated with the latest trends, tools, and techniques in both the cybersecurity and DevOps domains. Attend relevant workshops, webinars, and conferences
  • Documentation
    • Maintain comprehensive documentation on security protocols, CI/CD processes, identified vulnerabilities, and best practices for the team
  • Maintains a favorable working relationship with all other company employees to foster aid and promote a cooperative and harmonious working climate, which will be conducive to maximum employee morale, productivity, and efficiency/effectiveness
  • Participates in all training offered by Capstone as relevant to the department or position
  • Communicates effectively with internal and external customers, demonstrating high confidentiality and respect
  • Responsible for personal safety, the safety of the team, and those around you
  • Work in accordance with and enforce compliance with all BTG/Capstone policies (ex: Safety, Code of Conduct, Commercial Policy, Security Policy, and Export Compliance) to maintain BTG/Capstone reputation and image

ORGANIZATIONAL RESPONSIBILITY STATEMENT

Responsible for personal safety and the safety of the team. In addition to the job-specific responsibilities listed above, all employees are expected to support and model BTG’s Code of Business Ethics and support BTG’s Values: Innovative, Reliable, Fair, Sustainable, and Ambitious.  Employees will be held accountable for knowledge and effective application of these principles.

REQUIRED KNOWLEDGE, SKILLS, AND ABILITIES:

  • Proven experience in frontend and backend development, particularly in .NET, React, Docker, and CI/CD tools.
  • Solid understanding of cybersecurity principles, risk management, penetration testing methodologies, and IAM frameworks.
  • Familiarity with modern authentication/authorization mechanisms like OAUTH, JWT.
  • In-depth knowledge of CI/CD principles and best practices.
  • Relevant certifications (such as CISSP, CEH, OSCP, or DevOps certifications) are a plus.
  • Demonstrates excellent oral and written communication skills
  • Positive attitude
  • Strong attention to detail and follow through
  • Ability to use appropriate independent judgment to make decisions
  • Ability to learn and apply organization policy and procedure
  • Highly self-motivated and directed

PREFERRED KNOWLEDGE, SKILLS, AND ABILITIES:

  • Experience with Veracode SAST, SCA, Dynamic Scanning, and Docker Scanning
  • Experience implementing KeyCloak or similar IAM

REQUIRED EDUCATION/EXPERIENCE:

  • Monday – Friday: 8AM to 5PM Local Pacific Time
  • Training Period Schedule (First 4-6 Months): Monday – Friday: 7AM to 4PM Local Pacific Time

LANGUAGES:

  • While a Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or a related field is beneficial, we equally value practical experience. As such, we are open to candidates with a minimum of 5-7 years of relevant work experience in lieu of a formal degree.

Here at dataPARC, we love the challenges brought to us by both the process industry and our customers. We aim to create an atmosphere of teamwork and unyielding support from colleagues who have been with the company 7 years on average; many who have been on board over 20 years. If you join our team, we know you will enjoy the people and the challenges you encounter daily.

dataPARC software is installed in 800 sites in 40 countries around the world, helping people in plants make the best decisions for their business 24 hours a day, 7 days a week. Our business strives to make a difference in the lives of our employees and customers by contributing our time and talents to local charities and each other.

Please send your cover letter and resume to jobs@capstonetechnology.com

LINKEDIN POSTING

https://www.linkedin.com/jobs/view/3912998076

RECRUITMENT PRIVACY NOTICE

Please note, before applying to a dataPARC job posting or sending us your resume/CV, kindly refer to dataPARC/Capstone/BTG’s Recruitment Privacy Notice, which is available on our website at: https://www.btg.com/btgs-recruiment-policy/ 

We thank you for your interest in dataPARC; however only those candidates selected for an interview will be contacted.

The statements herein are intended to describe the general nature and level of work being performed by employees, and are not to be construed as an exhaustive list of responsibilities, duties, and skills required of personnel so classified.  Furthermore, they do not establish a contract for employment and are subject to change at the discretion of the employer.