SkillBridge - DevSecOps Engineer

About The Weather Company

The Weather Company is the world's leading weather provider, leveraging advanced technology and AI to help individuals and businesses make informed decisions. We deliver high-volume weather data, insights, advertising, and media solutions across the open web, enabling global preparation and harnessing the power of weather in a scalable, privacy-forward manner. Recognized as the world's most accurate forecaster, we serve hundreds of enterprise clients and over 360 million monthly active users through digital properties like The Weather Channel (weather.com) and Weather Underground (wunderground.com).

Job Brief: SkillBridge - DevSecOps Engineer

We are seeking a DevSecOps Engineer to join our team. This critical role involves collaborating with the core application engineering team and cybersecurity lead to ensure all DROP Platform offerings meet stringent security and compliance goals.

This position is offered as part of the Department of Defense (DoD) SkillBridge Program. The SkillBridge program provides active-duty service members with the opportunity to gain valuable civilian work experience during their final 180 days of service.

Applicants must be active-duty military, within 180 days of separation, and have received approval from their command to participate in the SkillBridge Program.

The Impact You'll Make

• Set up and automate regular system patching.
• Implement and automate static and dynamic code scanning.
• Establish and automate vulnerability scanning processes.
• Automate ticket creation and evidence production from scanning tasks.
• Automate change management processes.
• Develop security and compliance dashboards and reports.
• Conduct security reviews on build environments, ensuring systems are patched and follow security best practices.
• Participate in agile/scrum processes to integrate security deliverables into product delivery.
• Collaborate and coordinate with third-party security consultants.
• Manage audit processes and triage results with the team.

What You've Accomplished

• 5+ years of professional experience as a DevSecOps Engineer.
• Deep understanding of build automation processes and tools (e.g., GitHub Actions, Vercel, Jenkins, TravisCI).
• Expertise with container technologies (e.g., Docker, Kubernetes, Helm).
• Experience with various compliance standards (e.g., SOC2, CMMC, NIST, ISO).
• Familiarity with Department of Defense (DoD) Impact Level 6.
• Proficiency in scripting/coding in at least two languages: bash, perl, python, ruby, groovy, JavaScript, PHP.
• Solid understanding and experience with APIs (REST, XML, JSON).
• Extensive experience with at least one cloud provider (AWS, Azure).
• Experience with security tooling (e.g., Checkmarx, OWASP Zap, Skyk, Dependabot).
• Familiarity with issue tracking systems, especially JIRA.
• Strong communication and organizational skills.
• Self-starter with an eagerness to learn new skills and accept challenges.

SkillBridge Eligibility

• Active-duty service member within 180 days of separation.
• Able to obtain command approval to participate.
• Meets basic qualifications for the role.