DevSecOps Engineer at Ztek Consulting

We need one who has Knowledge of security within cloud environment, especially around networking, security and administration

Required Skills

• Familiar with Jenkins based CI/CD Pipelines
• Working experience to implement and test automation scripts and setups
• Familiar with integrating security tools and providing vulnerability assessments. Leveraging tools such as Burp Suite Enterprise, Checkmarx, NowSecure, OWASP ZAP
• Understanding of OWASP Top 10 and SANS Top 25 vulnerabilities and how to remediate
• Working knowledge of using API to interact with web services provided by tools
• Conduct tool evaluations and build proof of concepts
• Integrate with reporting tools to provide consolidated view
• Ability to turn technical standards into working practice
• Assist in driving consistency and standardization of DevSecOps services across the enterprise
• Strong Automation, IaC skills (Ansible, Python).
• Maintain documentations and user guides
• Knowledge of security within cloud environment, especially around networking, security and administration
• A motivated and flexible approach to work in an adapting fast-moving Agile environment utilizing technology and tools such as Jira, Jira Align, Miro, Confluence.
• Can demonstrate strong performance ethos and personal commitment for outstanding customer service
• Ability to interface with both technical and non-technical teams
• Willingness to train and upskill on a continuous basis
• Excellent communication, time management and organizational skills

Qualifications & Experience

• Should be educated to degree Level in Digital Forensics, Information Security, DevOps or an IT related discipline
• Should hold relevant industrial security / DevSecOps / DevOps certifications, or willingness to acquire
• Provide security services and support for client's business groups. Interact directly with team globally to perform DevSecOps services. Will be responsible for implementing, integrating, and testing of security scan automation features in CI/CD pipelines

Description

DevSecOps Engineer

Remote Job - United States | Posted - 18/08/22

Role Summary

• Provide security services and support for client’s business groups. Responsible for implementing, integrating, and testing of security scan automation.
• Interact directly with team globally to perform DevSecOps services features in CI/CD pipelines
• Below are the client expectations.
• DevSecOps Experience (5+ years), Leadership, Strong Automation skills preferably Python a must.
• DevSecOps experience in these areas (SAST, MAST, DAST, SCA, Opensource)
• DevOps (CI/CD) experience a plus.
• Responsibilities will include some of the following
• Application vulnerability assessments automation
• Support secure application development practices and a secure development mentality
• Identifying, communicating, and providing targeted remediation of vulnerabilities
• Developing and updating security patterns aligned with security requirements
• Identifying application security requirements for projects
• Coordinating and collaborating with multiple teams to ensure the confidentiality, integrity, and availability of assets that meets business needs
• Performing other security-related projects that may be assigned according to skills
• DevSecOps, integrating security into CI/CD pipelines
• Automation of security controls and standards