Snap-on Tools UK & Ireland · 7 hours ago
DevOps Engineer
Tustin, CA
Full-time
Onsite
Mid, Senior Level
$130K/yr - $140K/yr
3+ years expSnap-on Inc is a leader in industrial vending technology, seeking an on-site DevOps Engineer to own infrastructure architecture and the end-to-end Secure Software Development Lifecycle (SSDLC) for their mission-critical SaaS platform. The role involves building automated pipelines, managing identity and networking as code, and leading the transition to automated 'Security-as-Code.'
IndustrialManufacturingAutomotive
Responsibilities
Design, build, and maintain YAML-based CI/CD pipelines in Azure DevOps
Integrate self-hosted build agents to securely bridge build/deployment pipelines with on-premises and colocation environments
Automate application and infrastructure deployments to VMware vSphere using Terraform and/or Ansible
Enforce policy-driven security gates and approval workflows prior to production releases
Embed security controls directly into CI/CD pipelines and infrastructure-as-code workflows
Implement and manage SAST, DAST, and SCA tooling to identify vulnerabilities early
Partner with engineering teams to remediate findings and promote secure coding practices
Architect and maintain site-to-site IPsec VPNs between on-premises and colocation data centers
Design for high availability, low latency, and fault tolerance across SaaS workloads
Apply Zero Trust principles, including segmentation and least-privilege access
Establish unified monitoring, logging, and alerting across Azure DevOps and VMware environments
Secure and manage Active Directory environments supporting application authentication and service identities
Administer service accounts, GPOs, and privileged access
Maintain hybrid identity integration with Microsoft Entra ID (Azure AD) for centralized access governance and auditability
Implement centralized secrets management (e.g., HashiCorp Vault) to eliminate hard-coded credentials and enforce rotation, least privilege, and auditing
Automate Compliance-as-Code controls aligned to cybersecurity frameworks
Operationalize NIST, CMMC, and FISMA-aligned controls across pipelines, infrastructure, identity, and secrets management
Support audit readiness through automated evidence collection and continuous control enforcement
Participate in on-call rotations supporting 24/7 SaaS availability
Lead blameless post-incident reviews (RCAs) and ensure learnings feed back into platform reliability and security improvements
Qualification
Required
Bachelor's degree in Computer Science, Information Systems, Engineering, Cybersecurity, or equivalent practical experience
3–5+ years of experience in DevOps, DevSecOps, SRE, or Infrastructure Engineering roles supporting SaaS platforms
Strong experience with Azure DevOps Pipelines and YAML-based workflows
Hands-on experience with Infrastructure as Code (Terraform and/or Ansible)
Experience operating VMware vSphere environments (ESXi, vCenter, or equivalent)
Experience integrating security tools such as Snyk, SonarQube, Checkmarx, or similar into CI/CD pipelines
Solid understanding of vulnerability management and secure development practices
Strong knowledge of IPsec VPNs, hybrid networking, and connectivity troubleshooting
Experience securing Active Directory in hybrid environments
Familiarity with Microsoft Entra ID (Azure AD) identity synchronization and access governance
Proficiency in PowerShell, Bash, or Python for automation
Preferred
Experience implementing Zero Trust or network micro-segmentation
Hands-on experience with HashiCorp Vault or enterprise secrets management platforms
Prior involvement in regulated or compliance-driven environments
Benefits
Healthcare
401k
Life insurance
PTO
Company
Snap-on Tools UK & Ireland
Snap-on UK Holdings Ltd is a subsidary of Snap-on Incorporated and is a leading global innovator, manufacturer and marketer of tools, equipment, diagnostics, repair information and system solutions for professional users performing critical tasks.
201-500 employees
H1B Sponsorship
Snap-on Tools UK & Ireland has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (4)
2024 (4)
2023 (1)
2022 (3)
2021 (5)
2020 (4)
Funding
Current Stage
Growth StageCompany data provided by crunchbase