Key purpose:
Candidates must be proficient in Azure, AWS, Docker, Kubernetes and Terraform, in building and modifying CI/CD pipelines, and in implementing and configuring security tooling, e.g. Software Composition Analysis (SCA), Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST).
Duties and responsibilities:
- Ensure successful implementation and embedment of effective DevSecOps solutions (i.e. SAST, DAST, CWPP, SCA, etc.)
- Assist the Engineering and Development teams to build effective and secured CI/CD pipelines, assisting in the configuration and maintenance of the pipelines and shifting security left
- Ensure that capabilities are deployed through CI/CD pipelines with security requirements adhered to prior to deployment
- Communicate application security features to the engineering and development teams, utilising a triad of people, processes and technology
- Advise engineering teams to consider patterns in software security development and best practice, and provide recommendations on approach and automation related to security
- Ensure compliance with Security and Operational risk standards
- Work with the Cloud team in the engineering of solutions on AWS Cloud using Infrastructure As Code methods such as Terraform and Ansible
- Proactively monitor and fix vulnerabilities while building a knowledge base
Qualifications and experience:
- At least 5 years at a Financial Service Provider
- 5 years of experience developing software from scratch and/or building existing systems in a large enterprise environment
- 5 years of related job experience (DevOps & Security)
- 5 years of experience with Ansible, Jenkins, Azure DevOps, Artifactory, Jira, Terraform and Git/Version Control Software (GitHub)
- Knowledge of DevSecOps tooling in the following spaces:
  - SCA, SAST, DAST, IAST and CWPP, and the ability to install and configure the above-mentioned tooling (including integration into CI/CD pipelines)
- Comprehensive technical expertise in a variety of DevSecOps toolkits, including Ansible, Jenkins, Azure DevOps, Artifactory, Jira, Terraform and Git/Version Control Software (GitHub).
- Familiarity with information security frameworks and standards
- Knowledge of DevOps Automation (Terraform, GitHub, GitHub Actions).
- Familiarity with API Security, Container Security and AWS Cloud Security
- Familiarity with Amazon AWS policy configuration and security management tools.
- Experience with security automation
- Excellent analytical and interpersonal skills
- Ability to express technical information clearly at different organizational levels
- Advantage if you have the relevant Cloud and/or Security Certifications, such as CISM, CISSP, DevSecOps Practitioner Certification, AWS Certified Security Speciality, AWS Certified Developer or similar