Investment Management Jobs in Virginia with H-1B1 Sponsorship

Job Description

Job Family: Cybersecurity Engineering

REPORTING RELATIONSHIPS

Reports to: Principal, Cybersecurity Engineering Manager

Direct Reports: None

POSITION SUMMARY STATEMENT

We’re looking for a SecDevOps-focused Security Engineer who enjoys embedding security into the software delivery lifecycle and partnering across development, operations, and security teams. In this role, you’ll help build secure-by-default tooling, automate security controls, and design scalable guardrails that make secure engineering easy. Whether your background is traditional or non-traditional, if you’re passionate about automation, cloud security, and enabling developers, we encourage you to apply.

We’re seeking someone who is excited to bring an automation-first mindset and who knows how to balance developer needs with risk-informed pragmatism. You will bridge security, dev, and ops cultures by translating between devs who want speed, security teams who want safety, and ops teams who want stability.

We value diverse backgrounds, perspectives, and experiences, and we are committed to building a team where everyone feels they belong. We especially encourage candidates from underrepresented communities in cybersecurity and technology to apply. Our interview process focuses on problem-solving ability, practical skills, and collaborative mindset.

DETAILED RESPONSIBILITIES/DUTIES

You will help advance our automation‑first engineering strategy by designing and maintaining the foundational systems that enable secure, reliable, and scalable software delivery across the organization.

Build and Evolve CI/CD Foundations

• Design, operate, and continuously improve CI/CD pipelines using modern tooling to enable rapid, consistent, and high‑quality software delivery.
• Automate build, test, and deployment workflows to reduce manual effort and improve engineering velocity.

Implement Infrastructure as Code

• Use Terraform, CloudFormation, or similar IaC technologies to define and manage cloud infrastructure in a scalable, repeatable, and version‑controlled manner.
• Ensure infrastructure is provisioned reliably and consistently through code‑driven automation.

Drive Configuration Management Excellence

• Leverage tools such as Ansible, Chef, or Puppet to automate system configuration and maintain standardized environments across development, staging, and production.
• Ensure configuration drift is minimized and environments remain aligned with security and compliance requirements.

Advance Containerization and Orchestration

• Build and maintain containerized application patterns using Docker.
• Utilize Kubernetes (or equivalent orchestration platforms) to deploy, scale, and operate containerized workloads in a resilient, automated fashion.

Lead Scripting & Automation

• Develop automation using Python, Bash, PowerShell, or similar languages to eliminate repetitive tasks and improve operational efficiency.
• Create custom tooling that supports engineering workflows, observability, and security automation.

Strengthen Monitoring & Observability

• Implement and maintain monitoring, logging, and alerting systems—leveraging tools such as Splunk—to ensure environment health, availability, and performance.
• Develop proactive detection mechanisms to identify and remediate issues before they impact operations.

Champion Version Control Best Practices

• Use Git to manage source code, configuration, and infrastructure artifacts while promoting strong branching, pull request, and code review practices.
• Help teams adopt workflows that enhance collaboration and code quality.

Optimize Cloud Platform Automation

• Work with Azure and other cloud platforms to build scalable, secure, and highly automated infrastructure.
• Leverage cloud‑native capabilities to improve performance, reliability, and cost efficiency.

Embed Security Automation into Engineering Workflows

• Automate critical security controls—including vulnerability scanning, compliance validation, policy enforcement, and incident response.
• Integrate security scanning and guardrails directly into CI/CD pipelines to ensure continuous security from commit through production.

Demonstrate Collaboration and Communication:

• Effective communication skills to collaborate with development, operations, and security teams.
• Promoting a culture of SecDevOps and automation within the organization.
• Automating the build, test, and deployment processes to ensure rapid and reliable delivery of software.

Use Your Soft Skills:

• Excellent leadership and team management skills.
• Strong analytical and problem-solving abilities, supported by inclusive collaboration with team members with diverse working and thinking styles.
• Ability to stay updated with the latest security trends and threats.

SUPERVISORY RESPONSIBILITIES

None

Required Qualifications

We don’t expect expertise in every tool listed; experience with similar technologies is equally valuable.

• Significant experience in Cybersecurity (typically 8+ years), with significant hands-on experience in Security Engineering, DevOps, SRE, AppSec automation, or Platform Engineering OR equivalent practical expertise gained through nontraditional paths
• Hands-on with one or more CI/CD stacks (GitHub Actions, GitLab CI, Azure DevOps, Jenkins)
• Proficient in Terraform/IaC, Kubernetes, and cloud provider security (Azure preferred)
• Experience integrating SAST/SCA/DAST, container/IaC scanners, and secret scanning into pipelines
• Strong scripting in Python and/or Bash; infrastructure tooling (Helm, kustomize)
• Familiarity with OIDC workload identity, artifact registries, and software supply chain controls
• Clear communicator who can translate risk into engineering work

Preferred Qualifications

• Built policy gates with OPA/Gatekeeper or Kyverno; authored custom policies.
• Implemented sigstore cosign, admission controls, and image allowlists.
• Experience with Falco or cloud runtime sensors; integrated with SIEM/SOAR (Splunk, Sentinel).
• Knowledge of SLSA, NIST SSDF, CIS Benchmarks, MITRE ATT&CK for Containers/Cloud.
• Exposure to secrets lifecycle automation (rotation, dynamic creds), Vault or cloud-native KMS.
• Background in threat modeling and attack surface reduction for microservices.

Education

• Bachelor’s degree, relevant technical training, or equivalent hands-on experience. We welcome candidates with nontraditional educational paths.

• Professional Certifications (e.g., GSEC, GCIA, CISSP, OSCP) are valued but not required

• Advanced certifications in cloud and AI security are a plus.

GENERAL REQUIREMENTS

• Strong sense of ownership, accountability, and attention to detail.
• Ability to manage competing priorities and deliver results in a dynamic environment while maintaining healthy work practices.
• Proven track record of developing and maintaining structured processes that support efficiency, scalability, and rapid business growth.
• Inclusive leadership style; ability to work effectively with collaborators who have diverse backgrounds, communication styles, and technical strengths.
• Curiosity and a growth mindset, with the ability to adapt approaches to evolving technology landscapes.
• Strong communication skills for bridging technical and business perspectives.
• Role requires occasional coordination with global teams; we support flexible scheduling to accommodate individual needs.
• The team supports different communication and work styles.

Why Join Us

You will have the opportunity to define foundational controls for rapidly expanding cloud and AI environments, influence enterprise-wide security strategy, and collaborate with highly skilled engineering and security teams across the organization. Your work will directly safeguard the platforms that power next-generation innovation in one of the industry’s most dynamic environments.

We are committed to equitable hiring. Candidates may qualify through a combination of education, training, lived experience, or self-directed learning. If you’re excited about the role but don’t meet every listed requirement, we encourage you to apply.

Compensation

The anticipated base salary range for this position is listed below. Total compensation may also include a discretionary performance-based bonus. Note, the range takes into account a broad spectrum of qualifications, including, but not limited to, years of relevant work experience, education, and other relevant qualifications specific to the role.

$240,000 - $270,000

The firm also offers robust Benefits offerings. Ares U.S. Core Benefits include Comprehensive Medical/Rx, Dental and Vision plans; 401(k) program with company match; Flexible Savings Accounts (FSA); Healthcare Savings Accounts (HSA) with company contribution; Basic and Voluntary Life Insurance; Long-Term Disability (LTD) and Short-Term Disability (STD) insurance; Employee Assistance Program (EAP), and Commuter Benefits plan for parking and transit.

Ares offers a number of additional benefits including access to a world-class medical advisory team, a mental health app that includes coaching, therapy and psychiatry, a mindfulness and wellbeing app, financial wellness benefit that includes access to a financial advisor, new parent leave, reproductive and adoption assistance, emergency backup care, matching gift program, education sponsorship program, and much more.

There is no set deadline to apply for this job opportunity. Applications will be accepted on an ongoing basis until the search is no longer active.