Technology has always been at the heart of what we do and deliver at EY. We need technology to keep an organization the size of ours working efficiently. We have 250,000 people in more than 140 countries, all of whom rely on secure technology to be able to do their job every single day. Everything from the laptops we use, to the ability to work remotely on our mobile devices and connecting our people and our clients, to enabling hundreds of internal tools and external solutions delivered to our clients. Technology solutions are integrated in the client services we deliver and is key to us being more innovative as an organization.
EY Technology supports our technology needs through three business units:
Client Technology (CT) -focuses on developing new technology services for our clients. It enables EY toidentify new technology-based opportunities faster, and pursue those opportunities more rapidly.
Enterprise Workplace Technology (EWT) – EWTsupports our Core Business Services functions and will deliver fit-for-purpose technology infrastructure at the cheapest possible cost for quality services. EWT will also support our internal technology needs by focusing on a better user experience.
Information Security (Info Sec) - Info Sec prevents, detects, responds and mitigates cyber-risk, protecting EY and client data, and our information management systems.
About EY: EY is a global leader in Advisory, Assurance, Tax, and Transaction Services. The insights and quality services we deliver build trust and confidence in capital markets and economies throughout the world. We are a $30B+ partnership spanning 150+ countries with 270K+ employees continuously evolving the business landscape to build a better working world.
Our Team’s Culture: EY’s mission is to build a better working world and we can’t do it without the right people: exceptional people know for their thought leadership with an entrepreneurial spirit who want to work with the best, constantly learn and create positive change. In the CTPE (Client Technology Platform Engineering) Team within the Client Technology (CT) organization, we use innovative and superior technology capabilities while maximizing efficiency to allow further invest in ongoing growth. Our evolving approach adopts the innovative and cultural approaches of technology leaders:
· To build high performing and independent global teams, we value integrity, respect, collaboration and excellence
· We foster continuous learning through purposeful and broad sharing of knowledge
· We evolve and challenge teams by communicating in a respectful, direct and open manner
· In pursuit of speed and flexibility, we focus on outcomes rather than rules
· To foster creativity, we want work to be fun, exciting and rewarding
· We automate the repeatable to ensure speed and quality
· We exercise good judgement in balancing strategic goals with tactical needs
As a DevSecOps Engineer, you will be responsible for the engineering and escalation support of leading and emerging technology designs as part of a global product team using a mixture of COTS, MOTS and custom developed software hosted using IaaS, PaaS and SaaS cloud services. You will work as part of an evolving Agile DevSecOps Team to rapidly design, secure, build, test and release new technology enabled capabilities. The role is primarily an individual contributor who collaborates closely with other Engineers, Architects, InfoSec Consultants, Product Managers & Owners, and internal customers.
Essential Functions of the Job:
· Engineer and automate platform solutions to meet and exceed expectations of Product Manager
· Secure and automate solutions through collaboration with InfoSec and Architecture resources
· Proactively evolve and apply DevSecOps methodologies, standards and leading practices
· Ensure re-use through consumption and expansion of shared platform technology assets
· Apply modern development standards/principles, global product-specific guidelines, security standards, usability design standards, as approprioate.
· Ensure quality through use of manual and automated controls
· Provide direction, training and escalation support for platform/product operations
· Identify, communicate and mitigate Risks, Assumptions, Issues and Decisions throughout full lifecycle
· Using strategic thinking, consider the art of the possible, compare various options based on feasibility and impact, propose actionable plans and roadmaps that balance tactical and strategic needs
· Must be able to communicate fluently in English, both written and verbal
· Excellent interpersonal communication and organizational skills to contribute as a leading member of global, distributed teams focused on delivering quality services and solutions
· Able to distill complex technical challenges to actionable and explainable decisions
· Inspire DevSecOps teams by building consensus and mediating compromises when necessary
· Demonstrate excellent engineering & automation skills in the context of cloud based global platform/product delivery using continuous integration (CI) and continuous deployment (CD)
· Demonstrate ability to rapidly learn new and emerging technologies with ability to rapidly define engineering standards and produce automation code
· Operational abilities including early life support and driving root cause analysis and remediation
· Bachelor’s Degree or equivalency (CS, CE, CIS, IS, MIS, or engineering discipline)
· 10+ years overall IT industry experience
· 3+ years in a engineering role using service and hosting solutions such as private/public cloud IaaS, PaaS and SaaS platforms.
· 2+ years CI/CD delivery using code management, configuration management and automation tools such as GitHub, VSTS, Ansible, DSC, Puppet, Ambari, Chef, Salt, Jenkins, Maven, etc.
· Experience with any of the following: Azure, O365, Azure Stack, Azure AD
· Multi-system Integration using industry standards such as REST, API, JSON, SOAP, etc
Nice to have Experience:
· Experience performing DevOps/DevSecOps engineering on a platform or product
· Experience with any claims based authentication (SAML/OAuth/OIDC), MFA, RBAC, or ABAC
· Knowledge of cloud security controls including tenant isolation, encryption at rest, encryption in transit, key management, vulnerability assessments, application firewalls, SIEM, etc.
· Experience with resilient and highly available mission critical technology components
· Experience with multi-geo, multi-tier service design and operations
· Delivery using modern methodologies especially SAFe Agile, Iterative, Waterfall, etc.
Nice to have Certifications:
· Microsoft, Redhat, TOGAF, Zachman, ITIL, Cisco, (ISC) 2 , CEH, SAFe, PMI, etc.