DevSecOps
In this role, you will integrate security into every phase of our client’s software development and deployment processes. You will collaborate with cross-functional teams to ensure that applications meet the highest security standards, automating and streamlining operations and security processes to provide a robust and secure infrastructure. The chosen security tool for SDLC is the Snyk platform, including Snyk Code, Snyk Open Source, Snyk Container, and Snyk Infrastructure as Code.
Your future duties and responsibilities:
• Develop, maintain, and improve Continuous Integration and Continuous Deployment (CI/CD) pipelines, ensuring integration of security practices.
• Conduct code reviews and implement security best practices throughout the software development lifecycle (SDLC).
• Automate security processes to minimize manual effort and reduce the risk of human errors.
• Work closely with development teams to address security issues and ensure compliance with security standards and regulatory requirements.
• Manage and respond to security incidents, providing expertise in incident resolution and conducting post-mortem analysis to prevent future occurrences.
• Leverage containerization technologies such as Docker to enhance development workflows and application scalability.
• Implement and manage Kubernetes for container orchestration, ensuring stability and resilience of distributed systems.
• Utilize basic knowledge of Azure cloud services to support deployment and management of secure applications.
• Stay updated with emerging security threats and technologies, continuously improving our security posture.
Required qualifications to be successful in this role:
• Proven experience in a DevSecOps role, with a strong understanding of software development and operational processes.
• Expertise in security principles, including secure coding practices, threat modeling, and security testing.
• Proficiency with CI/CD tools, containerization technologies such as Docker, and infrastructure as code.
• Experience with Kubernetes for deploying, scaling, and monitoring applications.
• Familiarity with Azure cloud services, with basic knowledge of its key features (e.g., virtual machines, networking, storage solutions).
• Understanding of security frameworks (e.g., NIST) and compliance requirements.
• Excellent problem-solving skills and adaptability to new technologies.
• Strong communication and collaboration abilities.
• Experience with automated security tools and incident response management.
Preferred Qualifications:
• Certifications in Docker, Kubernetes, or Azure-related technologies.
• Familiarity with tools like Helm, Terraform, and Ansible for deployment and infrastructure automation.
• Experience integrating security practices into multi-cloud environments.