DevSecOps Engineer

We are looking for a DevSecOps Engineer who is able to understand the stakeholders needs in order to apply security in development pipelines for internal and client projects for improving the level of security of the development projects.

This person will be responsible for running and implementing security in the CI/CD pipelines, propose improvements or innovation to the current process and act as a reference for the development and security teams regarding secure best practices in a SSDLC. 

Key accountabilities:

• Assess security risks over the CI/CD pipeline,  applications and services that are part of the company’s and clients technological environments.
• Analyze cloud architectures and applications design from a security perspective in order to give advice on security best practices and guidelines in development activities.
• Write comprehensive reports including assessment-based findings, outcomes and propositions for further security enhancement.
• Implement accountability on DevSecOps controls implementation.
• Work with other teams to help prepare and document standard operating procedures and protocols related to secure development.
• Provide topics and materials for developing security-focused trainings
• Research and propose new security tools to implement different kinds of projects.
  
  

Minimum Qualifications:

• +3 of experience in similar roles.
• Experience in secure development and SAST automation.
• Solid knowledge of architecture and security baselines in cloud (AWS, GCP and/or Azure).
• Experience in performing code security assessments.
• Solid experience in web application security and secure development (SSDLC), APIs security, microservices.
• Fluent english (written and oral).
  
  

Desirable Qualifications

• Bachelor’s degree in Computer Science/Engineering/Information Security.
• Knowledge of secure development in AEM, PHP, Node, API Rest, Drupal and Mobile.
• Solid knowledge of cloud security architecture and configuration.
  
  

Qualities:

• Good communication 
• Ability to confidently present findings to those with either a technical or non-technical background.
• Self-directed, resourceful, and a critical thinker with attention-to-detail and proactive problem-solving skills.
• Ability to self-organize and plan activities with commitment towards results.
• Ready to learn new contents both from others or self-learned.
• Passionate about self-improvement and suggesting improvements to processes or activities.
  
  

Preferred Qualifications:

• AWS Certified Solutions Architect Associate / Certified Security Specialist
• ISO27001 framework knowledge
• Solid knowledge in securing CI/CD Pipelines: Sonarqube, Github, Jenkins
• Solid understanding of repos tools such as: Bitbucket, Azure DevOps, AWS Dev Tools.
• Containers security: Docker, Kubernetes, OpenShift, and so on.
• GCP Professional Cloud Architect / Professional Cloud Security Engineer

#LI-FR1

About Media.Monks:

Media.Monks is on a mission to create a new future for this industry. Our vision? Build everything with a belief that changing for good comes from changing who does the work. Yep, that means you. Welcome to the party—one global, cross-cultural collective with a passion for using our skills to create better and a better world. That’s how we’re able to connect the dots between data, content, digital media, and technology from everywhere we are—a true end-to-end model. Joining the Media.Monks collective means having the opportunity to create award-winning work with some of the most gifted, focused, joyful, talents from all over the world.

At Media.Monks, you’ll be joining a highly ambitious company on a global mission to win the decade by changing the industry for good. Partner to 8 of the 10 most innovative companies in the world, Media.Monks works with established as well as up-and-coming global, regional, DTC and B2B brands, helping them own their data and build out customer ecosystems to elicit smart, efficient, high-impact engines for growth. We deliver table stakes quickly, creating cost efficiencies from day one to push up the creative effectiveness of our work with every cycle.

We are an equal-opportunity employer committed to building a respectful and empowering work environment for all people to freely express themselves amongst colleagues who embrace diversity in all respects. Including fresh voices and unique points of view in all aspects of our business not only creates an environment where we can all grow and thrive but also increases our potential to produce work that better represents—and resonates with—the world around us.