As the Lead DevSecOps Engineer, you will lead the design, implementation and management of security practices and tools supporting the entire DevOps lifecycle, including continuous integration and continuous deployment (CI/CD). This role involves adoption of “secure by design” practices within the company by supporting the various teams and customers to ensure Burlington security standards are met and maintained. The ideal candidate will have demonstrated skills marshaling cybersecurity capabilities at the nexus of collaboration between cybersecurity and various operations teams such as development and infrastructure.
A Day In The Life
- Provide technical leadership in DevSecOps through the establishment of the practice and its sustained operation.
- Build and maintain collaborative and trusting relationships with operations teams such as development, infrastructure and other cybersecurity teams.
- Implement security practices and tools within CI/CD pipelines to integrate security into the DevOps lifecycle.
- Build and configure delivery environments supporting CI/CD tools using an Agile delivery methodology.
- Partner with the operations teams to identify, evaluate, and remediate security vulnerabilities in applications and infrastructure and utilize the learning to inform cybersecurity capability development or improvement.
- Develop and manage automated security testing processes and integrate them into CI/CD pipelines.
- Develop, implement and manage security processes and tools and resolve security-related problems, from monitoring and analysis through effective response and closure.
- Work with development, operations, and security teams to align security practices with project goals and resolve security issues encountered in the DevOps process.
- Maintain comprehensive documentation of security practices, procedures, problems and resolutions.
To Be Successful You Should Possess
- Bachelor's degree in Computer Science or a related technical field.
- Minimum of three years of experience in DevSecOps and at least six years in security engineering, with a focus on application security and infrastructure security.
- In-depth knowledge of cybersecurity frameworks including but not limited to NIST, ISO/IEC 27001 and PCI DSS.
- Good understanding of security principles, tools, and practices, and experience with CI/CD tools (e.g., Jenkins, GitLab CI/CD).
- Demonstrated experience with secure development, coding, and engineering practices.
- Strong scripting skills with languages such as shell scripts, Perl, Ruby, Python, etc.
- Experience with Infrastructure as Code and infrastructure testing strategies.
- Experience with systems reliability, load balancing, monitoring, logging.
- Experience with fully automating CI/CD pipelines end-to-end, from code commits to production.
- Knowledge of security practices for AWS, Azure, or GCP.
- Expertise in vulnerability scanning and assessment tools, such as Nessus, and familiarity with security services through Prisma Cloud, SIEM, SOC, and CrowdStrike.
- Familiarity with configuration management tools (e.g., Ansible, Puppet).
- Knowledge of API security, container security, and cloud security.
- Experience in the retail industry preferred.
Come join our team. You’re going to like it here!
You will enjoy a competitive wage, flexible hours, and an associate discount. Burlington’s benefits package includes medical, dental and vision coverage including life and disability insurance. Full time associates are also eligible for paid time off, paid holidays and a 401(k) plan.
We are a rapidly growing brand and provide a variety of training and development opportunities so our associates can grow with us. Our teams work hard and have fun together! Burlington associates make a difference in the lives of customers, colleagues, and the communities where we live and work every day. Burlington Stores, Inc. is an equal opportunity employer committed to workplace diversity.