DevSecOps Engineer

As a DevSecOps Engineer, you will play a crucial role in integrating security practices into our software development and operations processes. You will collaborate with development teams, security professionals, and operations personnel to ensure the secure design, development, deployment, and maintenance of our systems and applications.

SecOps Principal duties and Responsibilities:

● Collaborate with cross-functional teams to identify security requirements, define security controls, and embed security into the development and operations processes.

● Collaborate with cross-functional teams, promoting communication, and facilitating the adoption of security practices throughout the development process.

● Perform regular security audits to identify potential security breaches or anomalies.

● Provide guidance and support to development teams in implementing secure coding practices, secure configuration management, and secure deployment strategies.

● Stay up to date with the latest industry trends, security threats, and best practices related to DevSecOps, and recommend improvements and enhancements to security practices.

● Participate in threat modeling exercises to identify potential security risks and vulnerabilities in software applications or infrastructure.

DevOps (Optional) duties and Responsibilities:

● Design, develop, and implement secure DevOps practices, processes, and toolchains to integrate security into the software development lifecycle (SDLC).

● Implement and maintain security monitoring and incident response capabilities to detect and respond to security incidents.

● Develop and maintain secure infrastructure configurations, including network architecture, access controls, and authentication mechanisms.

● Automate security controls and processes to enable continuous integration, continuous delivery, and continuous deployment (CI/CD) pipelines.

● Collaborate with the operations team to ensure the secure operation and maintenance of infrastructure, platforms, and applications.

Qualifications:

● Bachelor's degree or equivalent experience in Computer Science or related field

equivalent work experience).

● Proven experience working as a DevSecOps Engineer or in a similar role.

● Strong knowledge of secure software development practices, secure coding principles, and secure configuration management.

● Cloud Automation including Terraform and Cloud Formation.

● Experience with DevOps methodologies, tools, and processes, including CI/CD pipelines and infrastructure-as-code (IaC).

● Familiarity with security technologies and tools, such as vulnerability scanners, penetration testing tools, and security information and event management (SIEM) systems.

● Solid understanding of network security, authentication mechanisms, access controls, and encryption technologies.

● Experience with Azure cloud platform and associated security controls.

● Knowledge of containerization technologies (e.g., Docker, Kubernetes) and their security considerations.

● Strong scripting and automation skills (e.g., Python, PowerShell, Bash).

● Certifications such as Certified DevSecOps Professional (CDP), Certified Secure Software Lifecycle Professional (CSSLP), or Certified Cloud Security Professional (CCSP) are a plus.

● Excellent problem-solving skills and the ability to work effectively in a fast-paced, collaborative team environment.

● Strong communication skills with the ability to convey complex security concepts to technical and non-technical stakeholders.