DevSecOps

Job Summary: The primary role will be to merge development, security, and operations elements
to improve end-to-end system security. You will be responsible for creating and implementing
systems that are optimized for scalability, functionality, and security, enhancing the security
posture of our development and production environments, and working collaboratively with
development and operations teams.

Specific Duties & Responsibilities:
• Collaborate with Software Engineers: Work with software engineers to identify critical
areas for security implementation in the development process.
• Design and Implement Secure Practices: Develop, test, and implement secure software
development practices and standards.
• Automate Security Controls: Automate security controls, data protection, and
vulnerability management systems in deployment pipelines.
• Continuous Monitoring: Monitor the security of applications and infrastructure to identify
potential vulnerabilities and coordinate remediation efforts.
• Incident Response: Participate in incident response and forensic analysis of
cybersecurity events.
• Security Assessments: Conduct regular security assessments, audits, and compliance
checks.
• Training and Awareness: Provide training and awareness to development and
operations teams on secure coding practices and threat mitigation.
• Documentation: Document and communicate security procedures, policies, and how
they align with the company’s business processes.
• Stay Updated: Keep abreast of new security technologies and integrate them into the
security architecture design where applicable

Qualifications:
• Educational Background: Bachelor’s degree in engineering, computer science, or a
related field.
• Experience: 5+ years of related job experience.
• Technical Expertise: Proficiency in DevSecOps toolkits such as Ansible, Jenkins,
Artifactory, Jira, Black Duck, Terraform, Git/Version Control Software.
• Security Frameworks: Familiarity with information security frameworks and standards.
• DevOps Automation: Knowledge of DevOps automation tools like Terraform, GitHub,
and GitHub Actions.
• Security Services: Experience with security services like Prisma Cloud, SIEM, SOC,
Nessus, CrowdStrike.
• Problem-Solving Skills: Strong analytical and problem-solving skills.
• Communication Skills: Excellent verbal and written communication skills.
• Team Collaboration: Ability to work collaboratively in a team environment.
• Adaptability: Ability to adapt to new technologies and learn quickly.

Languages:
• SQL (Optional)
• Bash, Perl, PowerShell, Ruby and Python (Optional)

Tools and Services:
• CI/CD Pipelines
• Kubernetes / Docker
• Cloud Services (Optional)
• Git or SVN (Optional)
• Terraform (Optional)