EchoStar is reimagining the future of connectivity, operating brands like DISH TV and Boost Mobile. They are seeking a Vulnerability Management & DevSecOps Engineer II to help architect and manage automated security tooling, oversee a vulnerability management program, and collaborate with engineering and product teams to embed secure development practices.
Help architect, implement, and manage automated security tooling (e.g., SAST, DAST, IaC, container scanning, AI Security) across the SDLC, integrating with developer environments, CI/CD pipelines, and production systems
Assist with maturing a comprehensive vulnerability management program, overseeing scanning, risk assessment, reporting, and remediation across applications, infrastructure, and third-party dependencies
Partner with engineering and product teams to embed secure development practices from design through deployment, providing expert guidance and integration support
Establish and refine vulnerability tracking and reporting processes, enabling rapid awareness, prioritization, and resolution of security issues through coordinated efforts across teams
Assist with refining and enforcing security policies and guardrails as code for cloud environments (AWS, Azure, GCP), ensuring automated enforcement of secure configurations and practices
Drive cross-functional collaboration with Dev, Ops, and InfoSec teams, incident support, automation solutions, and reporting to strengthen the organization’s security posture and culture
Execution of regular asset discovery and vulnerability assessment scanning, interpret results, create and distribute reporting, educate and guide stakeholders, and prioritize remediation efforts based on risk
Provide expert guidance and integration support to empower asset owners to avoid risks and prevent risks from reaching production environments
Participate in incident response activities related to vulnerabilities and misconfigurations, assisting with root cause analysis and mitigating control implementation
Qualification
Required
Bachelor’s degree in Computer Science, Information Security, or a related field
2+ years of experience in DevSecOps and Vulnerability Management, with a strong record of technical leadership and program maturity
Deep hands-on experience with application security tools (e.g., SCA, SAST, DAST, IaC, Secrets, Container Scanning, AI Security) and integration into development workflows (e.g., Snyk, Veracode, SonarQube, Prisma)
Proficient in asset discovery and vulnerability scanning tools (e.g., Tenable, Rapid7, Palo Alto Cortex/Prisma/XSIAM/XSOAR), including report creation and dashboarding
Familiar with Docker, Kubernetes, and their security implications, as well as development and project management tools like Jira, Confluence, and ServiceNow
Skilled in scripting and automation, with strong proficiency in Python (required) and familiarity with Bash, PowerShell, Go, and JavaScript
Experienced with CI/CD pipelines and tools like Jenkins, GitLab, GitHub Actions, and Azure DevOps
Strong experience in cloud and application security, including AWS, Azure, GCP, Terraform, OWASP Top 10/API Top 10, and vulnerability frameworks like SANS Top 25, KEV, and EPSS
Proven ability to be a top performer in dynamic environments, managing projects, prioritizing tasks, and driving results with minimal direction
Excellent communicator and collaborator, able to influence stakeholders and tailor messaging for both technical and non-technical audiences
Continuously learning and highly adaptable, with a strong security mindset, curiosity, and a commitment to knowledge sharing, documentation, and organizational success
Preferred
Master’s degree or security certifications (CISSP, CSSLP, GCSA, CCSP)
XQL experience a plus
Benefits
Flexible spending accounts
HSA
A 401(k) Plan with company match
ESPP
Career opportunities
A flexible time away plan
Our adventure began by changing the way people watched TV, bringing DISH to where big cable wouldn’t: rural America.
Glassdoor
3.3
Founded in 1980
Englewood, Colorado, USA
10001+ employees
https://www.dish.com
Our adventure began by changing the way people watched TV, bringing DISH to where big cable wouldn’t: rural America.
