DevSecOps Engineer
Latin America
Applications have closed
Media.Monks
We’re Media.Monks – global content, data, and media powerhouse. Our solution is simple and singular: Disrupting the industry, driven by digital.We are looking for a DevSecOps Engineer who is able to understand the stakeholders needs in order to apply security in development pipelines for internal and client projects for improving the level of security of the development projects.
This person will be responsible for running and implementing security in the CI/CD pipelines, propose improvements or innovation to the current process and act as a reference for the development and security teams regarding secure best practices in a SSDLC.
Key accountabilities:
- Assess security risks over the CI/CD pipeline, applications and services that are part of the company’s and clients technological environments.
- Analyze cloud architectures and applications design from a security perspective in order to give advice on security best practices and guidelines in development activities.
- Write comprehensive reports including assessment-based findings, outcomes and propositions for further security enhancement.
- Implement accountability on DevSecOps controls implementation.
- Work with other teams to help prepare and document standard operating procedures and protocols related to secure development.
- Provide topics and materials for developing security-focused trainings
- Research and propose new security tools to implement different kinds of projects.
Minimum Qualifications:
- +3 of experience in similar roles.
- Experience in secure development and SAST automation.
- Solid knowledge of architecture and security baselines in cloud (AWS, GCP and/or Azure).
- Experience in performing code security assessments.
- Solid experience in web application security and secure development (SSDLC), APIs security, microservices.
- Fluent english (written and oral).
Desirable Qualifications
- Bachelor’s degree in Computer Science/Engineering/Information Security.
- Knowledge of secure development in AEM, PHP, Node, API Rest, Drupal and Mobile.
- Solid knowledge of cloud security architecture and configuration.
Qualities:
- Good communication
- Ability to confidently present findings to those with either a technical or non-technical background.
- Self-directed, resourceful, and a critical thinker with attention-to-detail and proactive problem-solving skills.
- Ability to self-organize and plan activities with commitment towards results.
- Ready to learn new contents both from others or self-learned.
- Passionate about self-improvement and suggesting improvements to processes or activities.
Preferred Qualifications:
- AWS Certified Solutions Architect Associate / Certified Security Specialist
- ISO27001 framework knowledge
- Solid knowledge in securing CI/CD Pipelines: Sonarqube, Github, Jenkins
- Solid understanding of repos tools such as: Bitbucket, Azure DevOps, AWS Dev Tools.
- Containers security: Docker, Kubernetes, OpenShift, and so on.
- GCP Professional Cloud Architect / Professional Cloud Security Engineer
#LI-FR1
About Media.Monks:
Media.Monks is on a mission to create a new future for this industry. Our vision? Build everything with a belief that changing for good comes from changing who does the work. Yep, that means you. Welcome to the party—one global, cross-cultural collective with a passion for using our skills to create better and a better world. That’s how we’re able to connect the dots between data, content, digital media, and technology from everywhere we are—a true end-to-end model. Joining the Media.Monks collective means having the opportunity to create award-winning work with some of the most gifted, focused, joyful, talents from all over the world.
At Media.Monks, you’ll be joining a highly ambitious company on a global mission to win the decade by changing the industry for good. Partner to 8 of the 10 most innovative companies in the world, Media.Monks works with established as well as up-and-coming global, regional, DTC and B2B brands, helping them own their data and build out customer ecosystems to elicit smart, efficient, high-impact engines for growth. We deliver table stakes quickly, creating cost efficiencies from day one to push up the creative effectiveness of our work with every cycle.
We are an equal-opportunity employer committed to building a respectful and empowering work environment for all people to freely express themselves amongst colleagues who embrace diversity in all respects. Including fresh voices and unique points of view in all aspects of our business not only creates an environment where we can all grow and thrive but also increases our potential to produce work that better represents—and resonates with—the world around us.
Tags: APIs Application security Automation AWS Azure Bitbucket CI/CD Cloud Computer Science DevOps DevSecOps Docker GCP GitHub ISO 27001 Kubernetes Microservices PHP SAST Security assessment SonarQube
Perks/benefits: Career development Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs