Dear Okta Talent Acquisition team,
I would like to be considered for the DevSecOps Engineer role you have posted on your careers page. For the past several years I have worked in DevSecOps work, and I would be glad to bring that to your team.
I spent some time reading about Okta, and what stood out was your shift-left security push and the engineering write-ups your team keeps posting on securing the software supply chain. This seems a good moment to join, and I would gladly put my DevSecOps work experience to work on that.
From the job description, your three main needs for this role are security in the CI/CD pipeline, vulnerability scanning and remediation and secrets management and compliance. Those determine whether a DevSecOps hire works out, and I have solid results behind each.
On security in the CI/CD pipeline, my go-to tools are SAST, DAST and Snyk. As a DevSecOps Engineer at Plaid, I handled wiring SAST and DAST into the pipeline so vulnerabilities get caught before they ship. Beyond that, I wrote the security gates the whole org's deploys now pass through.
For vulnerability scanning and remediation, I depend on Trivy, Dependabot and container scanning. Over my time as a DevSecOps Engineer at Plaid, I took on cutting critical production vulnerabilities by 70% with automated scanning and fast remediation.
On secrets management and compliance, I bring Vault, OPA and SOC 2 controls. Working as a DevSecOps Engineer at Plaid, I owned rolling out Vault so no service ships secrets in plaintext anymore. On top of that, I built the policy-as-code checks that keep every deploy inside our compliance baseline.
I would be happy to talk any of this through in an interview and show why I fit. I am ready to keep your pipeline secure without slowing releases down, and to grow with the team.
I would be glad to set up a time to talk.
Yours sincerely,
Theo Script
theo.script@gmail.com