- Collaborate with development, operations, and security teams to integrate security best practices and tools into the software development life cycle.
- Shift Left Approach to security within the pipelines, to scan and update IaC code for relevant Benchmark/frameworks and industry best Practices.
- Design, implement, and maintain security automation and monitoring tools to identify and remediate security vulnerabilities in applications and infrastructure.
- Perform regular security assessments, penetration testing, and vulnerability scanning to proactively identify and address potential security risks.
- Develop and maintain security policies, guidelines, and procedures to ensure consistent and secure development practices across the organisation.
- Monitor and analyse security incidents to improve security measures and prevent future incidents.
- Assist in incident response and remediation efforts, providing expertise in security incident management and root cause analysis.
- Ensure compliance with industry regulations and standards, such as GDPR, HIPAA, PCI DSS, or other relevant frameworks.
- Educate and train development and operations teams on secure coding practices, security tooling, and the latest security trends and threats.
- Continuously evaluate and recommend new security technologies and best practices to improve the organisations overall security posture.
- Bachelor's degree in computer science, information security, or a related field, or equivalent experience.
- 5-10 years experience with DevOps and Security Ops with experience with Google Cloud Platform
- Strong understanding of secure software development practices, such as OWASP Top Ten, secure coding principles, and threat modeling.
- Familiarity with security technologies and tools, including vulnerability scanners, intrusion detection systems, firewalls, and encryption technologies.
- Terraform IaC
- Proficiency in one or more programming or scripting languages (e.g., Python, Ruby, JavaScript, Go).
- Experience with CI/CD pipelines, automation tools, and containerisation technologies (e.g., Jenkins, Github Actions, GitLab CI/CD, Docker, Kubernetes).
- Knowledge of cloud platforms (e.g., AWS, Azure, Google Cloud Platform) and their respective security services, best practices, and compliance requirements.
- Strong analytical, problem-solving, and communication skills.
- Relevant industry certifications, such as CISSP, CEH, or CompTIA Security+, are a plus.
Company
Gleecus TechLabs Inc
United Kingdom
Location
Remote Position
(From Everywhere/No Office Location)
Job type
Full-Time
JavaScript Job Details
A DevSecOps Engineer plays a crucial role in maintaining the security and integrity of an organisations applications and infrastructure. They bridge the gap between development, operations, and security teams, promoting a culture of shared responsibility and collaboration to ensure that security is an integral part of the entire software development life cycle.
Responsibilities:
Qualifications:
More Developer Job Boards
Fullstack Developer Jobs Golang Jobs JavaScript Jobs Python Jobs React Jobs Rust Jobs Java Jobs