About the position
The DevSecOps Engineer role focuses on integrating security practices into the software development lifecycle, particularly within CI/CD pipelines. The position requires a strong background in DevSecOps methodologies, automation of security testing, and collaboration with various teams to enhance the security posture of the organization.
Responsibilities
- Develop and implement security tools and practices into CI/CD pipelines.
- Automate security testing and monitoring within CI/CD pipelines to detect vulnerabilities early.
- Collaborate with development, operations, and security teams for seamless integration of security practices.
- Conduct regular security assessments and audits to identify and mitigate security risks.
- Assist in the development and implementation of incident response plans and procedures.
- Stay updated with the latest security trends, tools, and best practices for continuous improvement.
- Maintain comprehensive documentation of security processes, tools, and procedures.
Requirements
- Proven experience in DevSecOps and the integration of security tools within CI/CD pipelines.
- Familiarity with CI/CD tools such as Jenkins, GitLab CI, CircleCI, etc.
- Experience with security tools like SAST, DAST, and vulnerability scanners.
- Strong programming skills in Python, Java, or similar languages.
- Hands-on experience with AWS and its security services.
- In-depth understanding of security principles, DevOps practices, and cloud security.
Nice-to-haves
- Familiarity with additional programming languages or security tools.
- Experience in a cloud-native environment.
