Job description

Responsibilities • Design, implement, and manage security tools and practices within CI/CD pipelines, focusing on reuse, scalability, performance, availability, and security. • Lead the implementation of cloud based architectures, networking, and containerization using Infrastructure as Code. • Collaborate with teams to ensure secure software development practices in CI/CD pipelines. • Create and improve process flows, documentation, and mockups to convey technical details. • Integrate security testing tools (e.g., SAST, DAST, SCA, pen testing) into CI/CD workflows. • Monitor and respond to security incidents and vulnerabilities promptly. • Develop and maintain security policies, procedures, and documentation. • Automate security processes to improve efficiency and reduce manual intervention. • Partner with App Sec Expert to conduct and automate regular security assessments and audits, ensuring compliance with industry standards. • Provide training and support on Dev Sec Ops practices, enabling development teams to adopt and implement them. • Utilize Azure Dev Ops for CI/CD pipeline management and automation. • Develop self service capabilities to enhance team productivity and autonomy. • Identify and measure the benefits and business value of Dev Sec Ops improvements. • Present innovative solutions and ideas across all levels, working as both a leader and contributor. • Identify gaps and propose modernization opportunities in the SDLC. • Debug and troubleshoot issues with CI/CD pipelines. • Create and maintain dashboards and reports to monitor security metrics and CI/CD performance. Qualifications • Proven experience as a Dev Sec Ops Engineer or in a similar role. • Strong knowledge of security tools (Jfrog xray, Github advanced security) and practices (e.g., OWASP, NIST). • Experience with CI/CD tools (e.g., Jenkins, Git Lab CI, Azure Dev Ops). • Proficiency in Azure cloud services and infrastructure. • Familiarity with containerization and orchestration tools (e.g., Docker, Kubernetes). • Strong scripting skills (e.g., Powershell, Bash, BICEPS, ARM, YAML). • Excellent problem solving and analytical skills. • Strong communication and collaboration skills. #J-18808-Ljbffr

Requirements