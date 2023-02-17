Digital Full Stack Developer – Gauteng Sandton

Key purpose:

Candidates must be proficient in Azure, AWS, Docker, Kubernetes, Terraform, building and modifying CI/CD pipelines, implementing and configuring security tooling – e.g. Software Composition Analysis (SCA), Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST).

Duties and responsibilities:

Ensure successful implementation and embedment of effective DevSecOps solutions (i.e. SAST, DAST, CWPP, SCA, etc.)

Assist the Engineering and Development teams to build effective and secured CI/CD pipelines, assisting in the configuration and maintenance of the pipelines – shifting security left

Ensure that capabilities are deployed through a CI/CD pipelines with security requirements adhered to prior to deployment

Communicate application security features to the engineering and development teams utilising a triad of people, processes, and technology

Advise engineering teams to consider patterns in software security development and best practice, provide recommendations on approach and automation related to security

Ensure compliance with Security and Operational risk standards

Work with the Cloud team in the engineering of solutions on AWS Cloud using Infrastructure As Code methods such as Terraform and Ansible

Proactively monitor and x vulnerabilities while building a “knowledge base”

Qualifications and experience:



5+ years of experience developing software from scratch and/or building existing systems in a large enterprise environment

5 years of related job experience (DevOps & Security)

5 experience with Ansible, Jenkins, Azure DevOps, Artifactory, Jira, Terraform, Git/Version Control Software (GitHub)

Knowledge of DevSecOps tooling in the following spaces: SCA, SAST, DAST, IAST, CWPP and the ability to install and congure the above mentioned tooling (including integration into CI/CD pipelines)

Comprehensive technical expertise in a variety of DevSecOps toolkits, including Ansible, Jenkins, Azure DevOps, Artifactory, Jira, Terraform, Git/Version Control Software (GitHub).

Familiarity with information security frameworks and standards

Knowledge of DevOps Automation (TerraFrom, GitHub, GitHub Actions).

Knowledge of DevSecOps tooling in the following spaces: SCA, SAST, DAST, IAST, CWPP and the ability to install and congure the above mentioned tooling (including integration into CI/CD pipelines)

Familiarity with API Security, Container Security, AWS Cloud Security

Familiarity with Amazon AWS policy, conguration, and security management tools.

Experience with security automation

Excellent analytical and interpersonal skills

Ability to express technical information clearly at different organizational levels

Advantage if you have the relevant Cloud and/or Security Certifications, such as CISM, CISSP, DevSecOps Practitioner Certification, AWS Certified Security Speciality, AWS Certified Developer or similar

Desired Skills:

Communication skills

Confident

Problem-solvinng skills

