Skip to main content

Information Security Engineer (DevSecOps)

Fisher Investments Woodside, California
Deadline: October 31, 2025
Apply Now

At a Glance:

Statement of Interest: No

Contact: Robert McDonnell

The Opportunity:

Fisher Investments is growing internationally, and we are looking for an Information Security Engineer (DevSecOps) to join a team that drives future global growth and scale through strategic solutions and continuous innovation. You will help support our firm's diverse departments by building relationships with stakeholders, while consulting and managing a full range of CICD pipeline cyber security controls with technology teams at an Enterprise level.

You will contribute to initiatives that require Information Security DevSecOps experience in application development, release management, and infrastructure as code environments.

The Day-to-Day:

  • Develop and manage the configuration, maintenance, and operations of DevSecOps related security services including, but not limited to, GitHub Advanced Security and Terraform.
  • Frequent interaction with all Information Security Teams, Technology, Project, and Governance teams to assist and implement Secure CICD pipeline practices, controls, and vulnerability response.
  • Use analytical and problem-solving skills, as well as technical knowledge, to assess and propose cyber security risk remedies related to DevSecOps.
  • Participate actively in development of secure coding standards, principles, architecture and standards, leveraging knowledge/experience in NIST, CIS, ISO, and other international standards
  • Identify areas for improvement proactively and support the DevSecOps effort in standardizing processes and procedures.
  • Contribute to the success of the Information Security DevSecOps program within the firm by supporting the various teams and customers in the implementation of good security practices.
  • Analyze existing and future security controls and make recommendations for changes or improvements.
  • Develop and manage initiative level artifacts, including architectural diagrams, implementation planning.

Your Qualifications:

  • 2+ years IT/Information Security Infrastructure & IT Operations experience in two or more of the following areas:
    • Azure/AWS Cloud Environments
    • Identity & Access Management
    • Network Security Management
    • Public Key Infrastructure Management
    • Vulnerability Management & Incident Response
    • SaaS/PaaS Control Development & Management
    • DevSecOps CICD Pipeline Development & Management
  • 1-2 years DevSecOps related disciplines, including but not limited to:
    • Best Practices for Secure Coding in C#, Java, Python
    • Detection, analysis, and response of insecure code methods and vulnerable dependencies
    • Infrastructure as code for Azure or AWS

Compensation:

  • $125,000 - $170,000 base salary per year in the state of CA - New hires should expect to start at the lower end of the range depending on experience
  • Eligible for a discretionary bonus based on firm and individual performance

We will conduct a preliminary screen of applicants based on qualifications, performance and manager feedback. Those who meet the hiring manager's requirements will be moved forward in the process by participating in an interview. If you'd like to know more about the role, feel free to get in touch with Robert McDonnell.

FISHER INVESTMENTS IS AN EQUAL OPPORTUNITY EMPLOYER

Apply Now
Back to Top