DevSecOps Engineer
Buenos Aires
Applications have closed
Media.Monks
We’re Media.Monks – global content, data, and media powerhouse. Our solution is simple and singular: Disrupting the industry, driven by digital.Media.Monks is a digital-first marketing and advertising services company connecting the dots across content, data & digital media and technology services. Inspired by the connectivity and flexibility of technology APIs, Media.Monks’ single-P&L model offers brands seamless access to a nearly 6,000-strong team of digital talent organized across 57 talent hubs in 33 countries.
With us, you'll find a diverse group of colleagues with different backgrounds and perspectives. We believe everyone has something of value to offer, and that sustaining a truly diverse, equitable and inclusive workplace begins with fostering an environment where people can be themselves, authentically, every day. We want to build something with the potential to change the heart of our industry, and we’d love to include your unique perspective.
We are looking for a DevSecOps Engineer who is able to understand the stakeholders needs in order to apply security in development pipelines for internal and client projects for improving the level of security of the development projects.
This person will be responsible for running and implementing security in the CI/CD pipelines, propose improvements or innovation to the current process and act as a reference for the development and security teams regarding secure best practices in a SSDLC.
Key accountabilities:
- Assess security risks over the CI/CD pipeline, applications and services that are part of the company’s and clients technological environments.
- Analyze cloud architectures and applications design from a security perspective in order to give advice on security best practices and guidelines in development activities.
- Write comprehensive reports including assessment-based findings, outcomes and propositions for further security enhancement.
- Implement accountability on DevSecOps controls implementation.
- Work with other teams to help prepare and document standard operating procedures and protocols related to secure development.
- Provide topics and materials for developing security-focused trainings
- Research and propose new security tools to implement different kinds of projects.
Minimum Qualifications:
- +3 of experience in similar roles.
- Experience in secure development and SAST automation.
- Solid knowledge of architecture and security baselines in cloud (AWS, GCP and/or Azure).
- Experience in performing code security assessments.
- Solid experience in web application security and secure development (SSDLC), APIs security, microservices.
- Fluent english (written and oral).
Desirable Qualifications
- Bachelor’s degree in Computer Science/Engineering/Information Security.
- Knowledge of secure development in AEM, PHP, Node, API Rest, Drupal and Mobile.
- Solid knowledge of cloud security architecture and configuration.
Qualities:
- Good communication
- Ability to confidently present findings to those with either a technical or non-technical background.
- Self-directed, resourceful, and a critical thinker with attention-to-detail and proactive problem-solving skills.
- Ability to self-organize and plan activities with commitment towards results.
- Ready to learn new contents both from others or self-learned.
- Passionate about self-improvement and suggesting improvements to processes or activities.
Preferred Qualifications:
- AWS Certified Solutions Architect Associate / Certified Security Specialist
- ISO27001 framework knowledge
- Solid knowledge in securing CI/CD Pipelines: Sonarqube, Github, Jenkins
- Solid understanding of repos tools such as: Bitbucket, Azure DevOps, AWS Dev Tools.
- Containers security: Docker, Kubernetes, OpenShift, and so on.
- GCP Professional Cloud Architect / Professional Cloud Security Engineer
#LI-FR1
About Media.Monks:
At Media.Monks, you’ll be joining a highly ambitious company on a global mission to win the decade by changing the industry for good. Partner to 8 of the 10 most innovative companies in the world, Media.Monks works with established as well as up-and-coming global, regional, DTC and B2B brands, helping them own their data and build out customer ecosystems to elicit smart, efficient, high-impact engines for growth. We deliver table stakes quickly, creating cost efficiencies from day one to push up the creative effectiveness of our work with every cycle.
We are an equal-opportunity employer committed to building a respectful and empowering work environment for all people to freely express themselves amongst colleagues who embrace diversity in all respects. Including fresh voices and unique points of view in all aspects of our business not only creates an environment where we can all grow and thrive but also increases our potential to produce work that better represents—and resonates with—the world around us.
Tags: APIs Application security Automation AWS Azure Bitbucket CI/CD Cloud Computer Science DevOps DevSecOps Docker GCP GitHub ISO 27001 Kubernetes Microservices PHP SAST Security assessment SonarQube
Perks/benefits: Career development Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open IT Security Engineer jobs
- Open Security Researcher jobs
- Open Security Operations Analyst jobs
- Open Sr. Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open Security assessment-related jobs
- Open APIs-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Forensics-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs