At least 5 years of experience in Dev(Sec)Ops roles in both cloud and onprem environments
At least 4 years of experience working in a public cloud environment
At least 2 years of experience in Lead Dev(Sec)Ops or Dev(Sec)Ops Architect roles
At least 8 years of professional IT experience
Experience in DevSecOps-based manufacturing process design - on the tooling and process side
Experience in implementation of SCA, SAST, DAST, IAST class tools
Experience in implementation and integration of infrastructure, platform and application monitoring and vulnerability management tools
Experience in communicating with senior stakeholders, presenting, justifying and convincing proposed solutions
Experience working for financial institutions like insurers, banks is welcome
Tasks:
Leading DevSecOps work on projects, coordinating junior team members and working with clients
Develop recommendations and "roadmaps" for improving the efficiency and security of software development processes, taking into account organizational, process and technological changes
Design effective, state-of-the-art automation/tooling solutions to optimize/create new Secure SDLC processes
Communicating with senior stakeholders on the Client side including development, implementation, IT security, risk, monitoring and IT architecture teams - presenting, justifying and convincing proposed organizational and technical solutions for the software development process, promoting and adopting DevOps and DevSecOps methodologies
Analyzing the client's situation and requirements and selecting the appropriate tools and processes to support the automation of software development processes, including automated security testing tools
Working with the client to integrate IT Security processes into the IT product development cycle
Design and development of customized CI / CD solutions integrated with security testing at the stage of code integration and application build
Advising on the development of strategies for monitoring IT environments, selection, implementation and integration of tools for application monitoring and vulnerability management
Management of application code repository and infrastructure as code (IaC), modularization, selection and implementation of policies enforcing secure application delivery
Developing secure solutions and reusable gas pedals based on IaaS / PaaS
Research and develop solutions using new and emerging technologies