Description

Job Description:

  • Contribute to the development of the Pipeline Security Standard
  • Collaborate with Development teams to identify security tools to automate scans such as SAST/DAST/IAST.
  • Enhance existing CI/CD Processes leveraging secure pipeline criteria, propose best practices, work with Engineering to streamline automation and remove manual processes.
  • Work with development to ensure a security-first culture and work instructions and processes to ensure verification.
  • Create Monitoring by providing key metrics and tools to monitor different static and dynamic systems
  • Analyze AWS Cloud Infrastructure usage and implement changes to increase security, management, and scalability
  • Train junior DevOps on best practices and propose future tool and procedure integration

 

Desired Skills:

  • Knowledge of DevOps, DevSecOps and Security Architecture with NIST CSF
  • Applicant must be proficient in the use, creation and security of CI/CD pipelines
  • Familiarity with IaC and CaC
  • Familiarity with AWS Cloud, Atlassian/BitBucket, etc. from a security perspective.
  • Understanding of SAST/DAST/SCA/IAST and impact of integration to the pipeline. One or more scanners like SonarQube, Snyk, OWASP ZAP.
  • Monitoring tools such as Prometheus, Grafana, etc. as well as AWS Monitoring.
  • Familiarity with Software development and Application Development with a deep understanding of secure coding principles.
  • Understanding of Quality Control and Test Automation in Agile-based Continuous Integration environments.
  • A strong understanding of cybersecurity principles, with a desire to stay up-to-date with the latest threats and trends.
  • Translate business requirements and context into secure, sound and efficient solutions.

 

Qualifications:

  • Bachelor's degree in Computer Science, Computer Engineering, Cyber Security, or other relevant field of study preferred.
  • 8+ years of experience with CI/CD and DevSecOps technologies and practices, as well as working in Cybersecurity with a focus on secure application practices
  • 4+ years of AWS DevOps
  • Good understanding of Windows Application and Web Security Architectures
  • Extensive experience working in Agile methodologies as part of an organization.

Education

Any Graduate