DevSecOps Engineer (Azure)
DevOps
DevSecOps Engineer (Azure)
DevOps
Centrum, Wrocław
Experis Manpower Group
Undetermined
B2B
Senior
Remote
16 555 - 17 935 USD
Net per month - B2BTech stack
Azure
Docker
Kubernetes
Terraform
Ansible
Jenkins
English
Powershell
Job description
Responsibilities:
- Build relationships with stakeholders and service leaders to incorporate security principles into engineering design and employments
- Supervise implementation, testing and validation of Azure security controls across projects
- Oversee implementation of defensive configurations and countermeasures across cloud infrastructure and applications
- Draft and uphold Secure SDLC strategy and practices in tandem with other technical team leads
- Recommend services and tools to enable developers and engineers to easily use security components produced by application security team members
- Simplify automation that applies security inter-workings with CI/CD pipelines (Azure Pipelines and Github Actions)
- Support the ability to “shift left” and incorporate security early on and throughout the development lifecycle including threat modeling and developer IDE security features.
- Assist prioritization of vulnerabilities identified in code through automated and manual assessments and promote quick remediation
- Communicate vulnerability results in a manner understood by technical and non-technical business units based on risk tolerance and threat to the business, and gain support through influential messaging
- Join forces and provision security principles in architecture, infrastructure and code
- Enrich DevOps architecture with security standards and best practices, promote baseline configuration and work to reduce drift
- Partner with teams to define key performance indicators (KPIs), key risk indicators (KRIs) and distribute useful program metrics across business units
- Perform other duties as assigned
Requirements:
- At least 7+ years’ experience in information technology, information security administration or security operations
- Experience working with development and infrastructure teams in agile workflows, including Scrum and Azure DevOps
- Understanding of containerized computer (e.g., Docker) and container orchestration (e.g., Docker Swarm, Kubernetes)
- Understanding of CloudFormation, Terraform, Ansible and Jenkins
- Proficient in securing Windows and *nix operating systems, applications, networking protocols and devices under a baseline requirement framework
- Experience with operations and security across Amazon Web Services (AWS) and Google Cloud Platform (GCP) with specific concentration with Azure
- Ability to obtain and maintain technical team and business support to influence a collaborative effort to reduce attack surface while performing rapid, continuous testing and implementation
- Capable of scripting in Python, Bash or PowerShell
- Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle (SLDC) and how to balance the recommendations of each against business priorities
- Knowledge of Payment Card Industry (PCI), Gramm-Leach-Bliley Act (GLBA), National Institute of Standards (NIST) or Center for Internet Security (CIS) control requirements
Our offer:
- Workplace: 100% remote
- MultiSport Plus
- PZU group insurance
- Medicover Premium
- e-learning platform
Tech stack
Azure
Docker
Kubernetes
Terraform
Ansible
Jenkins
English
Powershell
Office location
Published: 02.03.2023
ADVERTISEMENT: Recommended by Just Join IT
Check similar offers
ADVERTISEMENT: Recommended by Just Join IT