Key purpose:
Candidates must be proficient in Azure, AWS, Docker, Kubernetes, Terraform, building and modifying CI/CD pipelines, implementing and configuring security tooling – e.g. Software Composition Analysis (SCA), Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST).
Duties and responsibilities:
- Ensure successful implementation and embedment of effective DevSecOps solutions (i.e. SAST, DAST, CWPP, SCA, etc.)
- Assist the Engineering and Development teams to build effective and secured CI/CD pipelines, assisting in the configuration and maintenance of the pipelines – shifting security left
- Ensure that capabilities are deployed through a CI/CD pipelines with security requirements adhered to prior to deployment
- Communicate application security features to the engineering and development teams utilising a triad of people, processes, and technology
- Advise engineering teams to consider patterns in software security development and best practice, provide recommendations on approach and automation related to security
- Ensure compliance with Security and Operational risk standards
- Work with the Cloud team in the engineering of solutions on AWS Cloud using Infrastructure As Code methods such as Terraform and Ansible
- Proactively monitor and x vulnerabilities while building a “knowledge base”
Qualifications and experience:
- 5+ years of experience developing software from scratch and/or building existing systems in a large enterprise environment
- 5 years of related job experience (DevOps & Security)
- 5 experience with Ansible, Jenkins, Azure DevOps, Artifactory, Jira, Terraform, Git/Version Control Software (GitHub)
- Knowledge of DevSecOps tooling in the following spaces: SCA, SAST, DAST, IAST, CWPP and the ability to install and congure the above mentioned tooling (including integration into CI/CD pipelines)
- Comprehensive technical expertise in a variety of DevSecOps toolkits, including Ansible, Jenkins, Azure DevOps, Artifactory, Jira, Terraform, Git/Version Control Software (GitHub).
- Familiarity with information security frameworks and standards
- Knowledge of DevOps Automation (TerraFrom, GitHub, GitHub Actions).
- Knowledge of DevSecOps tooling in the following spaces: SCA, SAST, DAST, IAST, CWPP and the ability to install and congure the above mentioned tooling (including integration into CI/CD pipelines)
- Familiarity with API Security, Container Security, AWS Cloud Security
- Familiarity with Amazon AWS policy, conguration, and security management tools.
- Experience with security automation
- Excellent analytical and interpersonal skills
- Ability to express technical information clearly at different organizational levels
- Advantage if you have the relevant Cloud and/or Security Certifications, such as CISM, CISSP, DevSecOps Practitioner Certification, AWS Certified Security Speciality, AWS Certified Developer or similar
Key purpose:
Candidates must be proficient in Azure, AWS, Docker, Kubernetes, Terraform, building and modifying CI/CD pipelines, implementing and configuring security tooling – e.g. Software Composition Analysis (SCA), Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST).
Duties and responsibilities:
- Ensure successful implementation and embedment of effective DevSecOps solutions (i.e. SAST, DAST, CWPP, SCA, etc.)
- Assist the Engineering and Development teams to build effective and secured CI/CD pipelines, assisting in the configuration and maintenance of the pipelines – shifting security left
- Ensure that capabilities are deployed through a CI/CD pipelines with security requirements adhered to prior to deployment
- Communicate application security features to the engineering and development teams utilising a triad of people, processes, and technology
- Advise engineering teams to consider patterns in software security development and best practice, provide recommendations on approach and automation related to security
- Ensure compliance with Security and Operational risk standards
- Work with the Cloud team in the engineering of solutions on AWS Cloud using Infrastructure As Code methods such as Terraform and Ansible
- Proactively monitor and x vulnerabilities while building a “knowledge base”
Qualifications and experience:
- 5+ years of experience developing software from scratch and/or building existing systems in a large enterprise environment
- 5 years of related job experience (DevOps & Security)
- 5 experience with Ansible, Jenkins, Azure DevOps, Artifactory, Jira, Terraform, Git/Version Control Software (GitHub)
- Knowledge of DevSecOps tooling in the following spaces: SCA, SAST, DAST, IAST, CWPP and the ability to install and congure the above mentioned tooling (including integration into CI/CD pipelines)
- Comprehensive technical expertise in a variety of DevSecOps toolkits, including Ansible, Jenkins, Azure DevOps, Artifactory, Jira, Terraform, Git/Version Control Software (GitHub).
- Familiarity with information security frameworks and standards
- Knowledge of DevOps Automation (TerraFrom, GitHub, GitHub Actions).
- Knowledge of DevSecOps tooling in the following spaces: SCA, SAST, DAST, IAST, CWPP and the ability to install and congure the above mentioned tooling (including integration into CI/CD pipelines)
- Familiarity with API Security, Container Security, AWS Cloud Security
- Familiarity with Amazon AWS policy, conguration, and security management tools.
- Experience with security automation
- Excellent analytical and interpersonal skills
- Ability to express technical information clearly at different organizational levels
- Advantage if you have the relevant Cloud and/or Security Certifications, such as CISM, CISSP, DevSecOps Practitioner Certification, AWS Certified Security Speciality, AWS Certified Developer or similar
Desired Skills:
- Communication skills
- Confident
- Problem-solvinng skills