DevSecOps Engineer
Limassol, Limassol, Cyprus
Applications have closed
ZFX
Trade forex, currencies, gold, oil, indices, stocks, cryptocurrencies on MT4 online trading platforms with ZFX, an FSA licensed forex brokerAbout Us:
Award - The Best FinTech Trading Platform of The Year 2019.
Zeal group of companies (collectively Zeal Group) is a business portfolio of the parent company Zeal Holdings Limited, comprising regulated financial institutions and fintech companies specializing in multi-asset liquidity solutions in regulated markets backed by proprietary technology.
We are a people focused business and our team of 500+ professionals globally are dedicated to maximizing the success of our employees and customers. Headquarter is located in the UK with global presence in 12 countries across Asia, Middle East, & Europe with 22 offices internationally.
The estimated monthly trading volume in an average of USD 100B executed by 100,000 retail investors, professional traders, and financial institution clients.
Job Description:
Principal Accountabilities
- Participation in security incident investigations
- Contribute to the management of the Security tools development direction and roadmap of security tools, investigate technologies, run proof of concepts and testing
- Performing continuous risk analysis and mitigate risks of cloud infrastructure.
- Participation in the vulnerability discovery process (scanning, analysis of discovered vulnerabilities)
- New security monitoring tools research and development
- Assess security stance of cloud and on-premise deployments. Recommend and implement mitigation measures
- Support for internal documentation (standards, manuals, descriptions, etc.)
- Collaborate with Application Architects in questions of IT security requirements and solutions
- Support DevOps by configuring automated build & deploy pipelines
- Implementing and automating security of Kubernetes cluster (prod/dev/uat environment).
- Implementing and automating security with CI/CD pipelines (SAST, DAST, OSA/SCA).
- Hardening and security enhancements within cloud infrastructure (GCP/AWS) and K8s
- Implementation of automated IT security measures (rolling secrets, analysis of security audit logs, …)
- Participation in Security team’s project activities
- Vendor assessment and comparison
- Continuous improvement of Security events monitoring
- Create best practices for DevSecOps tools in terms of their implementation across all IT functions, setup and support security quantitative KPIs in terms of DevSecOps.
- Develop in cooperation with other teams alerts, rules and monitoring automation solutions
- Deliver DevSecOps solutions
- Installation support and content development (dashboards, alerting, etc) for DevSecOps tools
Key Competencies & Qualifications
- 3+ years of relevant working experience
- Solid technical and knowledge in Information Security
- Expert in IT Security Operations processes and their tailoring towards the application domain
- In depth knowledge of Kubernetes and Helm as well as hands-on experience using them.
- Experience with AWS Cloud and GCP, especially with implementation of CSPM.
- Expert knowledge of Terraform, GitLab CI.
- Experience with SonarQube, AquaSecurity, Sonatype, Jfrog, Qualys.
- Knowledge in modern techniques for exploiting the vulnerabilities of applications,
- ITIL knowledge (change control process, change management, problem/incident management, procedures, guidelines, etc)
- Information security principles for business applications practical knowledge is a plus
- Experience and skills in Unix
- Knowledge of static and dynamic security scanning tools
- Strong knowledge in CI/CD.
- Expert knowledge in identification and evaluation of indicators of compromise (IOC) associated with malicious code and malware
- Experience with security audits
- Passion for solving challenging problems and iterating quickly
- Ability to thrive under stressful situations
- Ability to work with several tasks at the same time
- Team player with energy and a desire to progress in a fast moving, demanding and progressive environment
- English language is a must
Package:
- Bonus structure for each job role
- Paid 21 days of holidays per year and 10 additional days for national holiday
- Training opportunities for growth and expansion of knowledge
- Ability to work remotely
- Flexible and hybrid schedule – we value work-life balance
- Referral Bonus Program
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Automation AWS CI/CD Cloud DAST DevOps DevSecOps FinTech GCP GitLab Helm ITIL KPIs Kubernetes Malware Monitoring Qualys Risk analysis SAST SonarQube Terraform UNIX Vulnerabilities
Perks/benefits: Career development Flex hours Team events
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Cyber Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Malware-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs