Provide strategic direction and subject matter expertise for wide adoption of DevSecOps automation.
Build and maintain DevSecOps pipelines to adopt shift-left paradigm for security testing (SAST, DAST, IAST, RASP etc.)
Develop And promote best practices for DevSecOps and secure CI/CD using Infrastructure as Code (IaC)
Stay up-to-date on new security tools & techniques, and act as driver of innovation and process maturity.
Conduct research and evaluate new DevSecOps platforms, components, tools, and processes for new projects and ongoing initiatives.
Collect security-related metrics and increase security visibility across the organization.
Deploy and manage security tools to cloud infrastructure platforms such as Google Cloud or AWS, through automation using infrastructure-as-code principles.
Work with teams to bring continuous improvement to DevSecOps processes and tools.
Requirements
5 years of work experience.
Experience as a full stack developer, with hands-on experience in DevSecOps practices.
Experience with CI/CD tools such as GitLab, Jenkins, Nexus, Artifactory, Terraform, Ansible.
Experience with software security, secure coding, or software assurance tools and techniques.
Experience with AWS and Azure Cloud
Experience using Infrastructure as Code, including Terraform, CloudFormation
Knowledge of automation frameworks and tools, including Jenkins or GitHub Actions
Knowledge of Source Control Management best practices, including GitHub
Knowledge of automated testing frameworks and tools, including both API and UI based testing tools
Knowledge of monitoring and alerting frameworks and tools
Bachelor’s degree in Computer Science