Mandatory skill for DevSecOps role - Fortify / BlackDuck Resposnible for coaching teams to adopt and implement DevSecOps practices. Acts as a change agent who helps set the vision, show the way, and provide thought leadership on removing impediments to DevSecOps success. Coaches and mentors sprint team resources at either the team and/or program levels, including Scrum Masters, Product Owners, Technical Leads and executives to leverage DevSecOps principles, engineering practices and frameworks to deliver high value business capabilities. Helps to coach the team on product management, design thinking, engineering culture, and DevSecOps. Serves as a subject matter expert on scaling DevSecOps development, embraces servant leadership, understands engineering practices and serves as a role model for the team to model DevSecOps behaviors and mindsets, which includes key mindset shifts in the journey to vulnerability management. Designs, develops, and facilitates training of DevSecOps practices to assigned teams. Performs evaluations, and reviews of processes and methodologies. Identifies strengths and continuous improvement recommendations of existing security processes. Basic Qualifications: Bachelor's degree, or equivalent work experience 10 or more years of experience in Information Technology environment Knowledge of CI/CD, Java, Python, .NET, GoLang & JavaScript Frameworks Professional Coaching certification, or equivalent work experience Any Security certifications, or equivalent work experience Security policy creation and automation Working knowledge of system development lifecycle (SDLC) and process change/improvement Preferred Skills/Experience: Extensive experience with Agile engineering practices and techniques. Experience communicating with leads (lead through influence Five or more years of experience with Agile frameworks (Scrum SAFE ) and support tools within an Agile solution environment working on large scale, multiple scrum team. SRE : Automation and CICD pipelines Coding Operating systems and networking Deployment Strategies Monitoring & Logging Traceability APM Familiar with installing and operating applications and databases Change and Incident Management Chaos Testing DevOps : Automated Testing Containerization Kubernetes Observability/Logging GitLab Runners (or any CI/CD tool) Sec Ops : Threat modeling Encryption Access & Controls CI/CD Vulnerability triaging, prioritization, and remediation for the cloud. Managing compliance violations Security policy creation and automation Solving loosely defined problems Familiarity with developer day-to-day ecosystems