DevSecOps Engineer – DevOps squad

Role summary:

You will be a part of the Group DevOps Squad developing our modern applications and API platform to improve business process efficiencies; provide superior client digital services and support the scaling of our operational model. ​

As a permanent member of our DevOps squad, your focus will be to help implement our Software & API Strategy by building out our cloud based modern API platform and architecture used for enterprise-wide integrations, along with developing internal and client-facing applications and assisting in providing a centralised data and analytics platform for downstream data analytics

Key responsibilities:

• Working as part of a squad, delivering through agile methodologies;
• Continuous review and improvement of security in our SDLC: identify, classify, remediate known vulnerabilities and security weaknesses;
• Collaborate in the design and implementation of secure and well-tested scalable cloud infrastructure and CI/CD pipelines to roll out new environments, elements, features;
• Implement a tools driven and highly automated approach to deliver key security management processes by maximizing use of existing toolsets;
• Together with the team, make sure that all the required automation pipelines (e.g., CI/CD) are in place and managed;
• Develop procedures to automate security tasks which seamlessly integrate into code builds and deployments;
• Working in collaboration with customers, partners, and peers to identify requirements;
• Helping break down large problems into smaller iterative steps;
• Build out the modern API platform based on business requirements using agreed design patterns;
• Design, prototype, develop, test, and deploy applications on business requirements using agreed design patterns;
• Contribute to the continuous development and maturing of design patterns for others to follow;
• Pick the most appropriate tool, method, and design pattern to satisfy the requirement;
• Proactively improves things where you see issues;
• Document, support, manage and maintain the modern API platform built within your squad;
• Assist and train team members in the use of cloud security tools and the resolution of security issues.

Requirements

Skills / experience:

Core​

• Excellent communication and interpersonal skills​;
• Strong problem-solving skills​;
• Ability to plan, and manage your own work loads​;
• Strong ability to train others within your squad;
• Familiar with agile methodologies and experience in working in that way​;

Technical​

• At least 2 years of professional DevSecOps experience with AWS/Azure;
• In depth understanding of DevSecOps processes and tools;
• In depth knowledge on Monitoring / logging / tracing / alerting;
• Solid Infrastructure automation using Terraform;
• Proven Experience with configuration, management and securing of CI/CD pipeline (GitHub, Jenkins);
• Knowledge of AWS automation strategies and tools;
• Experience with the development, deployment, and automation of security solutions in an enterprise cloud based environment;
• Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security;
• Knowledge of conducting security checks (static and dynamic code analysis, vulnerability analysis in applications and remediation of penetration tests findings with solid understanding of OWASP TOP 10 and security component analysis);
• Knowledge of securing APIs and micro-services;
• Proven experience in DevOps environments and maintaining security in CI/CD processes and overseeing security in the Software development lifecycle;
• Certifications in relevant areas;
• Exposure to Agile methodology for project delivery;
• Experience in working with a team who are DevOps oriented.