Report this job

---

What is the problem? *

Incorrect company
Incorrect location
Job is expired
Job may be a scam
Other

Job Description



Looking for a DevSecOps Engineer to join our team. This is a key role which focuses on building and maintaining the tooling and infrastructure used to automate the release, deployment, and upgrade processes for workloads. This individual will assist in developing an automated security framework for robust deployment tools and processes, leveraging various scripting languages and open source solutions to remediate the vulnerabilities.



Duties:

Designing automated, containerized cloud application platform solutions with a focus on application concerns, including cloud-native distributed application architectures, migrating workloads to containers, containerized development workflows, security, and integrating container platforms with automated CI and CD pipelines
Automate and maintain application deployment via CI/CD Pipelines using industry best practices and open-source software.
Implementing relevant security monitoring, compliance, and enforcement points into the CI/CD pipelines
Building automated testing systems in collaboration with technology and product teams to develop and execute UAT / Integration / Penetration / Performance / Regression / Load tests.
Providing leadership in the DevSecOps areas of Vulnerability Scanning, Certificate Management, Password Policy Management, Data Analysis of security monitoring outputs, coordination of Remediation Patching, and other daily Security and Compliance efforts.
Monitor system performance.


Required Qualification:

Must-Have:

Experience with designing, building, management and operation of the continuous delivery framework and tools.
Experience with designing, building, management and operation of the infrastructure as a service layer (cloud-based platforms) that supports the different platform services
Familiarity with continuous integration/deployment processes and tools such as IDEs (Eclipse, Visual Studio), Source Code management. (GIT/Bitbucket), Maven, etc.
Understanding of cloud delivery models: PaaS, SaaS and IaaS.

Experienece in Golang is Must.
Strong background in test automation development and Web Service automation testing.
Ability to work with APIs and Plugins to integrate security tools into established CI/CD pipelines
Experience with designing automated, containerized cloud application platform solutions with a focus on application concerns, including cloud-native distributed application architectures, migrating workloads to containers, containerized development workflows, security, and integrating container platforms with automated CI and CD pipelines
Knowledge, skills and abilities to engineer and automate application deployment via CI/CD Pipelines using industry best practices and open source software.
Experience with building continuous delivery pipelines to manage and automate the lifecycle of the different platform components
Experience with implementing relevant security monitoring, compliance, and enforcement points into the CI/CD pipelines.
Experience with building automated testing systems in collaboration with technology, DevOps and product teams to execute UAT / Integration / Penetration / Performance / Regression / Load tests
Automation of security controls for Infra and Cloud Vulnerabilities.
Control and management of security operation.
Experience coordinating and performing vulnerability assessments through the use of automated and manual tools (Panaseer, Rapid 7, Wiz.io, etc.).
Ability to review and analyze vulnerability data to identify security risks to the organization's network, infrastructure, and application's and determine any reported vulnerabilities that are false positives.
Capability to prepare security vulnerability and risk management reports for management.
Leadership and Teaming skills to coordinate remediation of vulnerabilities within established timeframes.
Comprehension in the security areas of Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, Security and Monitoring (Cloud) tools, etc.
Experience configuring, implementing, and leveraging computer security and networking diagnostic/monitoring tools.
Knowledge of Windows and Linux patch management and related information security functions (authentication, encryption, iptables, SSL, Ciphers, etc)