Job Description
SUMMARY:
The role is responsible for developing security capabilities and maintaining DevSecOps operational platform of enterprise architecture. The role also needs to leverage DevSecOps principles, design and implement DevSecOps solutions, including end-to-end automated CI/CD pipeline.
KEY RESPONSIBILITIES:
- Design, integrate, and maintain DevSecOps continuous test/integration/deployment and operational platforms.
- Develop capabilities used to deploy large-scale cyber countermeasure capabilities to detect and prevent sophisticated threats and vulnerabilities on enterprise networks.
- Develop and enforce security standard methodologies, processes and tools
- Ensure compliance to enterprise architecture, security policies, and operational procedure.
- Perform threat and security design reviews.
- Implement automated process, and automation tools.
- Develop and support development of security testing and validation tooling.
- Resolve and review resolution of security vulnerabilities as needed.
- Improve secure coding practices, application security requirements, automation, training, and metrics.
- Maintain an active understanding of industry practices for secure software development.
- Works with application development teams to refactor or create security solutions, using DevSecOps CI/CD pipeline and tools.
MINIMUM QUALIFICATION
- 3+ years of experience with executing Web application, network, and system penetration tests for clients
- Experience with DevSecOps automation tools such as Terraform
- Experience with container and container management technologies like Docker, Kubernetes etc.
- Extensive experience of AWS cloud services.
- Experience with installing, configuring, integrating and maintaining tools and technologies like Jenkins, JIRA, SonarQube, Fortify, Git.
- Experience with programming using one or more of the following: Perl, Python, ruby, bash, C or C++, C#, or Java, including scripting and editing existing code.
- Strong ability to understand OOP concepts and process.
- Possession of excellent oral and written communication skills to communicate effectively and professionally with clients, teammates, and senior leadership
- Ability to clearly convey results in formal technical reports and deliver briefings to various stakeholders.
PREFFERED QUALIFICATION
- BA or BS degree
- Experience in Cybersecurity. (e.g. secure coding practice, application security requirements.)
- Knowledge of open security testing standards and projects, including OWASP
- Ability to assist remediation efforts for discovered vulnerabilities
- Experience with Web application development, system administration, and the software and system development life cycle
Job Type: Contract
Pay: $50,000.00 - $100,000.00 per year
Schedule:
Experience:
- Web application, network, and system penetration tests,OWASP: 3 years (Preferred)
- Terraform, AWS cloud services,Docker, Kubernetes,CI/CD: 3 years (Preferred)
Work Location: Remote