Application Security Architect with strong DevSecOps

Charlotte - USA

Monthly Salary: Not Disclosed

Posted on: 30+ days ago

Vacancies: 1 Vacancy

The job posting is outdated and position may be filled

Job Summary

Role: Application Security Architect with strong DevSecOps

Location: NJ/Charlotte (Day 1 onsite)

Job Type: Full Time

Key Responsibilities

Assess the architecture controls processes and deployments of secure CI/CD pipelines
Assess current integrations of security controls and automation in the development workflows
Collaborate with development operations and security teams to understand the security best practices and compliance standards
Review the adoption of secure coding practices and their effectiveness
Evaluate potential options for automating security checks integrating security tools and controls and ensuring security throughout the development lifecycle
Strategize and develop plans to modernize pipelines and remove manual processes

Required Skills & Qualifications

Proven hands-on experience in designing and securing DevOps pipelines and security engineering roles
Expertise in cloud technologies automation tools security controls and a strong understanding of security frameworks and compliance standards
Proven experience working with development operations and security teams to integrate security practices into the development lifecycle
Strong understanding of CI/CD tools (e.g. Jenkins GitLab CI GitHub Actions Azure DevOps).
Working knowledge in branching strategy and development lifecycle management.
Expertise in containerization and orchestration (e.g. Docker Kubernetes).
Proficiency in infrastructure as code (IaC) tools (e.g. Terraform Ansible CloudFormation).
Deep knowledge of security tools and practices (e.g. SAST DAST SCA secrets management).
Experience with cloud platforms (AWS Azure GCP) and their security services.
Strong understanding on secure development lifecycle framework secure code practice and OWASP Top10 vulnerabilities and remediation.
Good knowledge of scripting skills (e.g. Python Bash PowerShell).
Familiarity with compliance frameworks (e.g. NIST ISO 27001 SOC 2).

Preferred Qualifications

Certifications: CISSP CCSP or equivalent. Azure AWS or GCP certification (Security and Devops)

Role: Application Security Architect with strong DevSecOps Location: NJ/Charlotte (Day 1 onsite) Job Type: Full Time Key Responsibilities Assess the architecture controls processes and deployments of secure CI/CD pipelines Assess current integrations of security controls and automation in the d...

Role: Application Security Architect with strong DevSecOps

Location: NJ/Charlotte (Day 1 onsite)

Job Type: Full Time

Key Responsibilities

Assess the architecture controls processes and deployments of secure CI/CD pipelines
Assess current integrations of security controls and automation in the development workflows
Collaborate with development operations and security teams to understand the security best practices and compliance standards
Review the adoption of secure coding practices and their effectiveness
Evaluate potential options for automating security checks integrating security tools and controls and ensuring security throughout the development lifecycle
Strategize and develop plans to modernize pipelines and remove manual processes

Required Skills & Qualifications

Proven hands-on experience in designing and securing DevOps pipelines and security engineering roles
Expertise in cloud technologies automation tools security controls and a strong understanding of security frameworks and compliance standards
Proven experience working with development operations and security teams to integrate security practices into the development lifecycle
Strong understanding of CI/CD tools (e.g. Jenkins GitLab CI GitHub Actions Azure DevOps).
Working knowledge in branching strategy and development lifecycle management.
Expertise in containerization and orchestration (e.g. Docker Kubernetes).
Proficiency in infrastructure as code (IaC) tools (e.g. Terraform Ansible CloudFormation).
Deep knowledge of security tools and practices (e.g. SAST DAST SCA secrets management).
Experience with cloud platforms (AWS Azure GCP) and their security services.
Strong understanding on secure development lifecycle framework secure code practice and OWASP Top10 vulnerabilities and remediation.
Good knowledge of scripting skills (e.g. Python Bash PowerShell).
Familiarity with compliance frameworks (e.g. NIST ISO 27001 SOC 2).