DevSecOps Engineer

Marcus Donald is currently looking for a DevSecOps Engineer for an exciting opportunity to join a team at a Financial Services organisation!

The role will be working closely with the development and infrastructure teams to ensure the end-to-end security of our applications. This will cover everything from building and integrating security software to making sure the data and information is secure.

DevSecOps Engineer – Responsibilities:

• Responsibility for security of internal and customer facing applications, company infrastructure, and connected third party vendors.
• Ensuring secure configuration and operation of cloud networks, load balancers, edge protection and firewalls (WAF, etc.)
• Maintaining contact with vendors, industry peers, and professional associations to keep informed of existing and evolving industry standards, technologies, and cyber threats.
• Assisting in the design of enhancements to the cloud security strategy by identifying and alerting on appropriate event types.
• Experience of securing Linux and containerised applications.
• The ability to identify, evaluate, and conduct proof-of-concepts for new technologies, enabling secure development of core architectural components.
• Developing business relationships with other departments to ensure successful implementation of security projects.
• Promoting security knowledge sharing within technical communities.

 DevSecOps Engineer – Experience Required

• Extensive experience working in an Information Security role preferred.
• Good knowledge of cloud DevSecOps.
• Knowledge of securing cloud and containerised applications.
• Security+, CISSP, CCSK, CCSP or equivalents.
• Experience in a hands-on role setting up and supporting cloud based internal and customer facing applications, using ISO 27001, PCI, and / or NIST security standards.
• In-depth knowledge and understanding of Intrusion Prevention Systems, firewalls.
• Hands-on experience administering, securing and working with AWS and GCP servers, as well as containerised applications at scale.
• In-depth knowledge of cloud security and design of security on large scale applications that support high workloads.
• Programming experience as related to security automation.
• Knowledge of vulnerability scanning and / or internal penetration testing.
• Experience in evaluation and deployment of security concepts related to cloud (firewall, proxy, key management, IAM, certificate management).
• Python, Perl, SQL, TCP/IP, PowerShell, Puppet, Ansible, Jenkins, GO CD.
• Continuous Integration (CI) / Continuous Deployment (CD).
• Experience developing security automation tasks for delivery pipelines.

If this position is of interest, please do not hesitate to contact Lola Reynolds for any questions that may need answering and/or further information regarding the company and role.