DevSecOps Engineer

Vantaca’s vision is big. We are the leading community management performance software that enables owners and operators, community management teams, and boards and associations to improve business performance. More than just accounting and management software, it is business operating software that helps increase revenue, efficiency, flexibility, and control. A modern cloud architecture with a single-platform design that adapts to 100% of business processes, has proactive reporting, and can integrate with the software and banking partners of choice. Vantaca is focused exclusively on community management and is the trusted and proven technology leader in the community association management industry.

We are a winning team that believes in working together to make big ideas happen. We are a collaborative and visionary group that holds ourselves accountable for our results. Our ability to be nurturing and agile allows us to adapt to change and support each other through any challenges that come our way. We are customer-centric, meaning that we put our customers' needs and preferences at the heart of our work. We are authentic game changers that are building something cool and people like it here.

Overview

As the DevSecOps Engineer you will be responsible for championing the integration of security practices into our software development and operations processes. Collaborating with cross-functional teams, including developers, operations, and security experts, the DevSecOps Engineer will ensure the security, compliance, and reliability of our systems throughout the software development lifecycle.

Requirements

• Design and implement security measures into the software development and deployment pipeline.
• Conduct security assessments, vulnerability testing, and code reviews to identify and remediate security vulnerabilities.
• Collaborate with development and operations teams to automate security processes and integrate security tools into the continuous integration/continuous deployment (CI/CD) pipeline.
• Provide guidance and support for incident response and contribute to the development of incident response plans.
• Stay informed about the latest security threats, technologies, and best practices, and actively propose innovative solutions to enhance our security posture.

EXPECTATIONS FOR SUCCESS

• Maintain a high level of security compliance throughout the development lifecycle.
• Implement and monitor security controls to prevent, detect, and respond to security incidents.
• Ensure that security practices align with industry standards and regulatory requirements.

RESPONSIBILITIES

• Collaborate with development and operations teams to embed security into the DevOps process.
• Implement security best practices for cloud infrastructure and containerized applications.
• Conduct regular security assessments, including penetration testing and code reviews.
• Work closely with developers to address security vulnerabilities in the codebase.
• Automate security testing and monitoring processes within the CI/CD pipeline.
• Assist in defining and maintaining security policies and procedures.
• Provide expertise in security incident response and contribute to the development of incident response plans.
• Stay current with industry trends, emerging threats, and security technologies.

QUALIFICATIONS

• Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent practical experience).
• Proven experience in DevSecOps or a similar role.
• Strong understanding of security principles and best practices.
• Experience with security tools, vulnerability scanning, and penetration testing.
• Proficiency in scripting and automation (e.g., Python, Shell).
• Knowledge of cloud security and containerization technologies.
• Familiarity with regulatory requirements and compliance frameworks.
• Understanding of version control systems, particularly Git.
• Experience with agile and DevOps methodologies.

Our Value Prop to Employees

• Our eNPS is +37! (Google it, that is great).
• Benefits: Medical, Dental, and Vision kick in day one.
• Unlimited PTO (with a requirement for employees to take a minimum of one continuous week per year).
• 401K with Company Match.
• Remote Flexible - come to the office when needed.
• Great parental leave benefits.
• Named on Inc 5000 list of America’s Fastest Growing Private Companies (2021, 2022 and 2023).
• Named on Inc 5000 Vet 100 Private Companies list multiple years in a row.
• 2021 Winner of Coastal Entrepreneur Award, Technology Category.
• Active employee-led Culture Committee.
• Ongoing industry and professional development trainings available to all employees.
• Multiple leaders on the executive committee recognized as 40 under 40 recipients for contributions to business and community.
• We’re playing offense to win! Our product market fit and our world-class employees make us the leader in our space. We’re building something cool and people like it here.

Although we do business around the US, we call North Carolina home. NC was just ranked the #1 state for business in 2022 and 2023 by CNBC and we believe it! The state, and in particular the Wilmington area, is a great place to live and do work. Wilmington, where Vantaca is headquartered, really has something for everyone. Historic Downtown Wilmington runs along the Cape Fear River and offers dozens of shops, restaurants and live entertainment opportunities. If you want to spend some time outdoors, get some sun or go surfing or fishing, you can pick a spot along one of our beautiful beaches. Explore info about where we’re headquartered at www.nccareercoast.com