DevSecOps/SecDevOps Engineer

Hey, you on that side, can you believe that this ad appears on your screen by chance? Nimber doesn't believe in chance...

And now your spidey senses are tingling? Keep reading...

We are Nimber - we have entered the advanced technology consulting game. Our goal is to set new rules to put the world where it belongs, in people's hearts.

But what does Nimber mean? In mathematics and game theory, they are numbers with special properties of addition and multiplication. And what we really want is to add value to customers' projects.

Workplace

• Lisbon
• Oporto

Requirements:

• Developer at heart, not just a sec person.
• Need to speak and breath dev.
• Think Sec, Dev and Ops at scale and automated.
• Strong knowledge of application security principles and practices on software development, including OWASP;
• Familiarity with common security libraries, security controls, and common software vulnerabilities;
• Familiarity with SSDLC and CI/CD best practices.
• Experience with security testing tools and methodologies;
• Familiarity with cloud environments (AWS, Azure, GCP) and 0trust architecture;
• Tools and tech stack : terraform/IaC, github/Gitlab, docker, 0trust, pipelining, trivvy/anchore , cloud native architectures, python, node
• Familiarity with industry compliance and security standards including, NIST CSF, NIST SP800-53, QNRCS, NIS 2.0, OWASP, CIS Controls, Mitre Att&ck and ISO 27000 series;
• Excellent problem-solving skills and attention to detail;
• Strong communication and interpersonal skills.
• Shift-left ambassador.
• Pivotal between Cloud & Devops, SoC, GRC and delivery areas.

Typical work-day

• Design and implement security architectures for software applications;
• Develop and enforce secure coding practices for the different development teams;
• Collaborate with development teams to ensure secure software development lifecycle (SDLC) practices are followed;
• Provide guidance on security assessments and code reviews to identify vulnerabilities;
• Conduct threat modelling exercises;
• Provide guidance and training to developers on application security best practices;
• Stay up-to-date with the latest security trends and technologies

And what does Nimber expect from you?

• Be passionate about what you do.
• That you take the first step using the talent of Accelerated Innovation.
• That you define the right strategy with the gift of Sensitive Impartiality.
• That you decide to put into practice the privilege of Shielded Independence daily.

This is our infallible tactic to which we add the rules of the game at Nimber: impartiality, independence, and fairness. All that's missing is you!

Are you ready to win with us?

📩 If you are tired of feeling like just a number, send us your application and come be a Nimber.