Security (regular) Jenkins (regular) Terraform (regular) Kubernetes (regular) Docker (regular) Responsibilities:Performing security architecture reviews of applications in design and production phasesIdentifying security recommendations, potential threats and attacks to applications systems through threat modeling and vulnerability assessmentConducting assessments of applications and platforms (web, cloud, mobile) using range of manual and automated source code review techniquesIntegrating application security tools and process in automated pipelinesWorking with clients to analyze, evaluate, and enhance the effectiveness of their application / platform / product security posture at procedural and technological levels from design to deploymentParticipating in market facing activities. Use current technology and tools to enhance the effectiveness of deliverables and services. Play an active role in counseling and mentoring junior Cybersecurity team membersResolving and reviewing resolution of security vulnerabilities as neededImproving secure coding practices, application security requirements, automation, training and metricsMaintaining an active understanding of industry practices for secure software developmentWorking with application development teams to refactor or create security solutionsMonitoring & Logging and Site ReliabilityExperience and skills:Experience in performing application security vulnerability assessment using either manual penetration testing and source code techniques or automated commercial SAST/DAST/IAST/SCA/OSA toolsExperience in performing security architecture/threat modelingExperience in evaluating application security programs for clients and developing key elements of the program as part of the enhancement process and developing internal vulnerability assessment and management processesAbility to learn and adapt to integrate application security to different CI/CD systems and apply automation as neededMinimum 2 years of experience working in Agile development, application security, or DevOps role, with experience in the following technologies:Containers (Docker, Kubernetes, etc.) Infrastructure as code (Chef, Terraform, etc.) Continuous integration (Jenkins, etc.) Integration of Security testing tools into pipeline Defect tracking (Jira, Bugzilla, ServiceNow etc.) Source code management (GitLab, GitHub, BitBucket, etc.) Developing enterprise applications or scripts for security testing (security as code) Cloud environment (AWS, Azure, GCP) and various Unix-like distributionsMust have experience in the following:Certifications relevant to the roleKnowledge of networking, infrastructure and applications from a DevOps perspective with a security focusExperience in programming or scripting languages Broad knowledge of security control techniques and how they can be applied in a traditional IT environment as well as cloud-based systemsKnowledge of security monitoring, prevention and control systems including anti-virus, web proxies and security softwareNice to have:Diploma or Degree in Computer Science, Software Engineering or related discipline with 3+ years’ of overall experienceGood technical knowledge of Microservice oriented solutions, APIs, Azure AD and common Cloud authentication patternsCloud/DevOps Certification (MS Azure/AWS/GCP) Offer:Workplace: 100% remote MultiSport Manpower Premium platformPZU group insuranceMedicover
DevSecOps Consultant in Constanţa
Datele de contact vor fi vizibile dupa ce veti aplica!