Insight Global • posted 9 months ago
Full-time
Remote • Warren, NJ
Administrative and Support Services

About the position

Insight Global is seeking a fully remote DevSecOps engineer who will work East Coast hours starting at 7 AM. This role is crucial in building an effective automation pipeline and supporting the application team with the integration of new tools. The ideal candidate is self-motivated and requires minimal supervision to successfully deliver projects. The responsibilities include building pipelines for integrating security tools into CI/CD processes using Azure and GitHub Actions, publishing artifacts, and performing manual code reviews to verify false positives from automated scanning. Additionally, the engineer will be responsible for writing requirements and test cases to conduct proofs of concept for selecting new tools for various security assessments, including SAST, IAST, IaC, API, secret, and container scanning. The position also requires the candidate to take on leadership responsibilities at times, ensuring that the correct processes are established and educating team members to achieve desired results for the organization. This role is integral to fostering a culture of security within the development processes and ensuring that security practices are effectively integrated into the software development lifecycle.

Responsibilities

  • Build and maintain automation pipelines for integrating security tools in CI/CD processes using Azure and GitHub Actions.
  • Publish artifacts and perform manual code reviews to verify false positives from automated scanning.
  • Write requirements and test cases for proofs of concept to select new security tools.
  • Lead the DevSecOps program from the security team's perspective and collaborate with IT teams to define DevSecOps processes.
  • Explain security vulnerabilities and remediation strategies to stakeholders who may not be familiar with security concepts.

Requirements

  • 7+ years of Application Security experience to support changes in the current environment and understand vulnerability scanning.
  • Experience performing CI/CD and manual scans including SAST, DAST, Infrastructure-as-Code, API, secret, and container scanning.
  • Proficiency in coding with Bash, PowerShell, Python, and YAML to implement and build pipelines.
  • Excellent communication skills to articulate security vulnerabilities and remediation to non-security personnel.
  • Strong leadership skills to guide the DevSecOps program and collaborate with IT teams.
© 2024 Teal Labs, Inc