DevSecOps Engineer

Job Description:

We are excited to welcome an experienced and highly motivated DevSecOps Engineer to our team. In this role, you will play a pivotal part in designing, implementing, and maintaining secure, reliable, and scalable systems for our online websites. If you have a passion for cybersecurity and want to contribute to cutting-edge projects, we encourage you to apply!

Key Responsibilities:

  1. Secure and Scalable Systems: Collaborate with development, operations, and security teams to design and implement systems that are both secure and scalable, ensuring the utmost reliability.
  2. Automated Security Checks: Automate security and compliance checks into the software development and delivery process, adhering to industry standards and regulations.
  3. Security Policies and Procedures: Establish and maintain security policies and procedures in line with best practices and compliance standards to safeguard our systems.
  4. Vulnerability Management: Continuously enhance our system’s security by identifying and promptly remediating vulnerabilities and weaknesses.
  5. Proactive Threat Detection: Monitor security events to detect and respond to potential threats promptly, ensuring all incidents are recorded and resolved within agreed SLAs.
  6. Incident Prevention: Implement preventive measures to reduce the overall number of security incidents.
  7. Vulnerability Assessment: Maintain a comprehensive vulnerability management program to identify and address vulnerabilities within our systems.
  8. Secure Code Development: Work closely with the development team to ensure all new code is developed with security in mind.
  9. Cybersecurity Training: Provide guidance and training to team members on secure coding practices and cybersecurity.

Key Performance Indicators (KPIs):

  1. Vulnerability Management:
  • Percentage of identified vulnerabilities remediated within defined timelines.
  • Number of critical vulnerabilities addressed per quarter.
  • Time taken to remediate vulnerabilities.
  1. Incident Response:
  • Mean time to detect and respond to security incidents.
  • Number of incidents reported per quarter.
  • Percentage of incidents resolved within defined timelines.
  1. Compliance:
  • Percentage of successful audits per year.
  • Number of compliance violations identified and resolved per quarter.
  • Time taken to address compliance violations.
  1. Security Automation:
  • Percentage of security checks automated within the development pipeline.
  • Number of manual security checks reduced through automation.
  • Time taken to implement new security checks into the pipeline.
  1. Collaboration:
  • Number of cross-functional security training sessions conducted per year.
  • Percentage of development teams using secure coding practices.
  • Number of completed cross-functional security initiatives per quarter.

Key Requirements:

  1. Bachelor’s degree in computer science, Engineering, or a related field.
  2. Minimum of 5 years of experience in DevSecOps or a similar role.
  3. Strong understanding of DevOps principles, tools, and practices.
  4. Proficient in cloud computing platforms like AWS or Azure.
  5. Experience with containerization technologies (e.g., Docker, Kubernetes).
  6. Thorough understanding of security principles, including authentication, authorization, encryption, and network security.
  7. Familiarity with security testing and vulnerability scanning tools.
  8. Expertise in web application firewalls (WAF), intrusion detection and prevention systems (IDS/IPS), and security information and event management (SIEM) systems.
  9. Excellent communication and collaboration skills.
Job Category: DevSecOps Engineer
Job Type: Full Time
Job Location: Work from Office

Apply for this position

Allowed Type(s): .pdf, .doc, .docx