Job Description:
Our Opportunity:
Chewy is seeking a DevSecOps Engineer II to join our established technology team in Plantation, FL or Boston, MA. Our mission is to be the most trusted and convenient destination for pet parents and partners, and our Information Security team plays a critical role in supporting that vision by protecting the confidentiality, integrity, and availability of our data. In this role, you will help secure Chewy’s public cloud environments by developing and integrating security tools, writing scripts and automation to support cloud security objectives, and implementing scalable solutions that align with our security standards. The ideal candidate will contribute to key security initiatives while embracing Chewy’s culture of innovation (#ThinkBig) and simplicity (#KeepItSimple).
What You’ll Do:
- Drive the evaluation and integration of edge technologies (WAF, firewall, bot protection, content monitoring and remote access solutions) and providers, partnering with other security, infrastructure, and application teams to align controls with business and risk objectives.
- Drive the integration of edge technologies and providers, partnering with other security, infrastructure, and application teams to align controls with business and risk objectives.
- Provide security guidance and risk management through architecture design reviews, code reviews and standard documentation of services running in our multi-cloud environments.
- Collaborate with Developers, Site Reliability Engineering, Vulnerability Management, and Security Operations teams to achieve shared security goals.
- Ensure applications and infrastructure deployed to public clouds to meet performance, privacy, and security requirements.
- Assist the Security Operations Center in the identification and mitigation of web based attacks, and provide when appropriate recommendations for improvements to the defensive posture of web applications at the edge.
- Develop automation, observability, and performance tuning workflows for edge services to continuously improve detection fidelity, response speed, and delivery efficiency.
- Engage in on-call rotation and provide operational support for security alerts, escalations, and incidents, helping to ensure 24/7 resiliency.
- Contribute to a culture of operational excellence and security-first thinking, balancing precision, speed, and simplicity in all aspects of your work.
What You’ll Need:
- Bachelor's degree or higher in Computer Science, Computer Information Systems, or similar; or equivalent experience.
- Ability to write functional Terraform or equivalent infrastructure as code language or scripting language
- Experience with Groovy for Jenkins pipeline file development.
- Experience managing AWS native security services: Guard Duty, Security Hub, Trust Advisor, Organization Delegated Administrator, IAM, KMS.
- Experience managing GCP native security services: Security Command Center, IAM, Google Cloud Storage, Logs and Log Sinks.
- Working knowledge of common technical controls across security domains (logical access, configuration management, security operations, etc.)
- Excellent analytical and problem-solving skills, with the ability to identify, mitigate and communicate risks effectively to stakeholders.
- Experience deploying Cloud Security Posture Management (CSPM) platform technologies on public clouds.
- Working knowledge of public cloud container technologies such as ECS, EKS, GKE, etc.
- Ability to balance multiple priorities at a given time.
- Must be team-oriented and have a customer first mindset.
Bonus (if applicable):
- Ability to write functional Python, Go or Ruby
- Experience managing commercial security tools and platforms.
- Knowledge of Open Policy Agent – Rego.
- Understanding of Git and GitOps concepts.
- Experience working in a fast-paced e-commerce environment.
- Experience investigating security incidents in public clouds (AWS, Google.)
The base salary range for this role is $100,000 - $160,000.00.
- The specific salary offered to a candidate may be influenced by a variety of factors including but not limited to the candidate’s relevant experience, education, and work location. In addition, this position is eligible for 401k and a new hire and annual equity grant. C08+ positions may also be eligible for annual bonus.
We offer different types of insurance and benefits, such as medical/Rx, vision, dental, life, disability, hospital indemnity, critical illness, and accident. We offer parental leave, family services benefits, backup dependent care, flexible spending accounts, telemedicine, pet adoption reimbursement, employee assistance program, and many discounts including 10% off pet insurance and 20% off at Chewy.com.
Exempt salary team members have unlimited PTO, subject to manager approval. Team members will receive six paid holidays per year. Team members may be eligible for paid sick and family leave in compliance with applicable state and local regulations.
Chewy is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, ancestry, national origin, gender, citizenship, marital status, religion, age, disability, gender identity, results of genetic testing, veteran status, as well as any other legally-protected characteristic. If you have a disability under the Americans with Disabilities Act or similar law, and you need an accommodation during the application process or to perform these job requirements, or if you need a religious accommodation, please contact CAAR@chewy.com.
To access Chewy's California CPRA Job Applicant Privacy Policy, please click here.