DevSecOps Engineer

Who we are:

Open-minded intellectuals who embrace emerging technologies on our mission to create innovative Software Engineering Solutions that will impact millions of users around the world.

We are seeking a DevSecOps Engineer with a strong background in security compliance, and automated security controls. This role will ensure that our infrastructure and products, CI/CD pipelines, and software delivery processes meet industry security standards and regulatory requirements. The ideal candidate combines DevOps engineering expertise with deep knowledge of compliance frameworks and automated security tooling.

Responsibilities

• Support the System development lifecycles in execution of daily tasks including, but not limited to user/system security requirements analysis and testing;

• Participate in Cyber Risk Assessment related activities to include Risk Management Framework, Vulnerability Scanning/Management, script/app development, and similar activities;

• Responsible for identifying and assessing threat vectors impacting our product;

• Engineer, implement, and monitor security measures for the protection of our products. The development and implementation of processes is also a central aspect of the role, as well as ensuring all compliance requirements are met;

• Manage communication between our company and our clients regarding cybersecurity.

• Maintain documentation regarding configurations, operations and troubleshooting.

Qualifications

• University degree in Electronics, Computer Science or similar education

• Minimum 3 years of experience

• Mandatory documentation/technical writing skills

• Good knowledge on Linux OS administration, TCP/IP networking concepts, virtualization and databases

• Proficiency using versioning tools (Git, SVN), experience working with CI/CD concepts and methodologies

• Good knowledge on monitoring technologies/tools (Zabbix, Grafana, etc)

• Good understanding of scripting languages (Python, Bash, etc)

• Knowledge of vulnerability scanning tools (Nessus, Qualys, etc)

• Knowledge of SAST/DAST tools (SonarQube, ZAP, BurpSuite, etc)

• Attention to details, ability to fast adapt to new technologies

• Product lifecycle and software release

• Working with Infrastructure as a code, Ansible, yaml, and orchestration – nice to have

• Experience working on AGILE/Scrum methodologies – is a plus

• Essential English skills

• Minimal security concepts for infrastructure (network, application, certification) – also a plus

#LI-LN2