Senior DevSecOps Engineer
Centurion, South Africa
Applications have closed
OUTsurance
Innovative, value-for-money insurance products, backed by awesome service and 10% of your paid insurance premiums back in cash after three consecutive claim-free years.Company Description
OUTsurance is a customer-centric financial services company with a global footprint. We are vibrant, successful and values orientated with an awesome dynamic culture encapsulated by the ethos that clients and staff “always get something OUT.” Our success can be attributed, amongst other things, to the outstanding people that work for us.
Job Description
We are seeking a highly experienced Senior DevSecOps Engineer to join our team. The ideal candidate will have a strong background in software development, security, and operations, with experience in leading teams and driving DevSecOps initiatives.
Responsibility: DevOps (40%)
- Maintain & Administer Cloud Development Infrastructure
- Automate Deployments in Azure & On-Premises Environments
- Improve Automation of Security Controls
- Work with the dev team to ensure that security standards and policies are being set up and configured correctly.
Responsibility: SecOps (50%)
- Identify, implement, and maintain security tools and technologies.
- Participate in regular security reviews and assessments of the infrastructure, applications, and processes.
- Up to date knowledge of security testing methodologies, tools, and frameworks (OWASP, IST, SANS, etc.)
- Schedule (and ideally automate) Vulnerability scans and tests, remediate findings and ensure accurate reporting to satisfy regulatory compliance.
- Perform quarterly penetration tests of all deployed projects and ensure implementation of items identified in remediation plans.
- Software dependency scanning.
Responsibility: Knowledge sharing & documentation (10%)
- Host the secure development forum for OUTsurance.
- Communicate effectively with stakeholders at all levels of the organization, including technical and non-technical audiences.
- Develop and maintain security policies, procedures, and guidelines for development, deployment, and operations.
Qualifications
- 3 Years industry specific experience & Minimum 5 Years in Technology & Software
- Experience drafting and implementing security policies, security procedures, security design and implementation.
- Extensive knowledge of DevSecOps principles, practices, and tools, including containerization, orchestration, and automation
- Experience with cloud platforms (AWS, Azure, GCP) and infrastructure-as-code tools (Terraform)
- Familiarity with operational observability, including monitoring, log aggregation, application performance monitoring, etc.
- Solid knowledge of IT security (FortiGate Firewalls, Local Traffic Managers, SIEM, SOAR, EDR, XDR)
- Knowledge in security classification frameworks like MITRE or the cyber-attack kill chain and Open Threat Networks
- Knowledge of security testing methodologies, tools, and frameworks (OWASP, NIST, SANS, etc.)
- Experience with security compliance frameworks (PCI DSS, HIPAA, GDPR, etc.)
- Great knowledge and understanding of Secure Code Development practices and tools such as SonarQube, AquaSec, Harbor, etc.
Additional Information
An ideal candidate will be able to align their personal work values to the OUTsurance values of Awesome Service, Passionate, Honest, Human, Dynamic and Recognition. Enthusiastic in dealing with challenges in a stressful, deadline orientated environment is essential.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: AquaSec Automation AWS Azure Cloud Compliance DevOps DevSecOps EDR Firewalls GCP GDPR HIPAA Monitoring NIST OWASP PCI DSS SANS SecOps SIEM SOAR SonarQube Terraform Vulnerability scans XDR
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs