Key purpose:
Candidates must be proficient in Azure, AWS, Docker, Kubernetes, Terraform, building and modifying CI/CD pipelines, implementing and configuring security tooling - e.g. Software Composition Analysis (SCA), Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST).
Duties and responsibilities:
Ensure successful implementation and embedment of effective Dev Sec Ops solutions (i.e. SAST, DAST, CWPP, SCA, etc.) Assist the Engineering and Development teams to build effective and secured CI/CD pipelines, assisting in the configuration and maintenance of the pipelines - shifting security left Ensure that capabilities are deployed through a CI/CD pipelines with security requirements adhered to prior to deployment Communicate application security features to the engineering and development teams utilising a triad of people, processes, and technology Advise engineering teams to consider patterns in software security development and best practice, provide recommendations on approach and automation related to security Ensure compliance with Security and Operational risk standards Work with the Cloud team in the engineering of solutions on AWS Cloud using Infrastructure As Code methods such as Terraform and Ansible Proactively monitor and fix vulnerabilities while building a knowledge base
Qualifications and experience: At least 5 years at Financial Service Provider 5+ years of experience developing software from scratch and/or building existing systems in a large enterprise environment 5 years of related job experience (Dev Ops & Security) 5 experience with Ansible, Jenkins, Azure Dev Ops, Artifactory, Jira, Terraform, Git/Version Control Software (Git Hub) Knowledge of Dev Sec Ops tooling in the following spaces: SCA, SAST, DAST, IAST, CWPP and the ability to install and configure the above mentioned tooling (including integration into CI/CD pipelines Comprehensive technical expertise in a variety of Dev Sec Ops toolkits, including Ansible, Jenkins, Azure Dev Ops, Artifactory, Jira, Terraform, Git/Version Control Software (Git Hub). Familiarity with information security frameworks and standards Knowledge of Dev Ops Automation (Terra From, Git Hub, Git Hub Actions). Knowledge of Dev Sec Ops tooling in the following spaces: SCA, SAST, DAST, IAST, CWPP and the ability to install and configure the above mentioned tooling (including integration into CI/CD pipelines) Familiarity with API Security, Container Security, AWS Cloud Security Familiarity with Amazon AWS policy, configuration, and security management tools. Experience with security automation Excellent analytical and interpersonal skills Ability to express technical information clearly at different organizational levels Advantage if you have the relevant Cloud and/or Security Certifications, such as CISM, CISSP, Dev Sec Ops Practitioner Certification, AWS Certified Security Speciality, AWS Certified Developer or similar #J-18808-Ljbffr
Sign in
To continue your applicationor continue with email
By continuing you agree to our Terms & Privacy Policy.
