Assignment description

We are looking for a seasoned Senior DevSecOps Consultant to lead the integration of security into our client’s development and operations processes. This role is critical in bridging the gap between fast-paced software development and maintaining robust security postures. The candidate will be at the forefront of implementing and fine-tuning DevSecOps strategies in their CI/CD pipelines.

What you’ll do:

  • DevSecOps Strategy Implementation: Support and implement a comprehensive DevSecOps strategy that aligns with organizational objectives and security standards.
  • CI/CD Pipeline Security Integration: Integrate security tools and practices within CI/CD pipelines to automate security checks and ensure continuous security compliance.
  • Security Automation and Orchestration: Design and implement security automation scripts and workflows to enhance the efficiency of the DevSecOps process.
  • Infrastructure as Code (IaC) Security: Ensure security best practices are embedded in IaC scripts and configurations.
  • Container and Microservices Security: Implement security measures for containerized applications and microservices architectures.
  • Collaboration and Training: Work collaboratively with development and operations teams to build a strong DevSecOps culture; provide training and mentorship in security best practices.

Requirements:

  • Education: Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or related field.
  • Experience: Minimum of 3-5 years of experience in DevSecOps, with a proven track record of implementing security in DevOps environments.

Technical Skills:

  • Expertise in automation and orchestration tools (e.g., Jenkins, Ansible, Chef, Puppet).
  • Proficient in cloud environments (AWS, Azure, GCP) and understanding of cloud-native security principles.
  • Good knowledge of containerization and orchestration tools (Docker, Kubernetes) and their security configurations.
  • Experience with infrastructure as code (Terraform, CloudFormation) and ensuring the security of IaC.
  • Proficient in implementing and configuring security tools such as SAST, DAST, IAST, RASP, and vulnerability scanners.
  • Familiarity with secure coding practices and application security standards.

Security Knowledge:

  • Strong understanding of network and application security, threat modeling, risk assessment techniques, and cybersecurity frameworks (e.g., OWASP, NIST).
  • Knowledge of compliance requirements (e.g., GDPR, HIPAA).

Desired attributes:

  • Excellent communication skills.
  • Strong problem-solving abilities and analytical mindset.
  • Ability to foster a culture of security awareness and best practices within DevOps teams.
Detaljer

Referens:37258

Ort: Distans, Göteborg

Omfattning:100%

Startdatum:Omgående

Slutdatum:2024-06-30

Konsultförmedlare

Det går inte längre att söka den här tjänsten.