Log In Sign Up

DevSecOps Engineer (Cyber Security Engineer)

Premium Job From Nigel Frank International

Recruiter

Nigel Frank International

Listed on

13th December 2022

Location

Denver

Salary/Rate

Upto £151732

Type

Permanent

Start Date

ASAP

This job has now expired please search on the home page to find live IT Jobs.

Cybersecurity Software Engineer - DevSecOps Specialist

One of our repeat clients is looking for an experienced DevSecOps Specialist to work with the global engineering and development teams as they develop a cutting-edge password-less and badge-less identity platform. This position is responsible for enabling a secure code base and ensuring static and dynamic code analysis in combination with penetration testing incorporation into sprint.

Location: Denver, CO

Responsibilities Include:

- Supporting code build Baseline Objectives and Optimization Measurements (BOOM) on security vulnerability survival time, net new arrival, burn-down, wait time, and escape rates from pre-production into production.

- Oversee continuous internal and external penetration testing and remediation. Utilize industry tools, including root-cause-analysis.

- Manage Security Operations Center (SOC) vendor relationship based on pre-defined service agreements. Heavy focus on automation, documentation, collaboration, and working with teams in Europe, USA, and Asia.

- Triage new incoming issues to determine the level of risk, and accordingly prioritize remediation in conjunction with the impacted service team.

Requirements:- 5+ years of experience in areas such as systems, network, and/or application security.- 3+ years of scripting/coding experience in Python.

- 3+ years of experience with GitHub, Jira, Docker, and Kubernetes.

- Prior experience operating applications on AWS.- Familiar with automated configuration management, provisioning, and IaC tools and concepts. (Terraform, Salt, etc.)

- Experience coordinating and performing penetration testing and vulnerability assessments using automated and manual tools.

- Deep knowledge of key management systems, certificate management, encryption, penetration testing, vulnerability scanning, security, and monitoring tools, etc.

- Experience with SIRP, SIEM, and IDS/IPS/WAF solutions.

- Ability to work with APIs to integrate security tooling into CI/CD pipelines, reports, and automated processes.

- Knowledge of common attack vectors including OWASP Top 10, DDoS, Phishing, etc.

You are currently using an outdated browser.

Please consider using a modern browser such as one listed below:

Google Chrome
Google Chrome
 Opera
Opera
 Mozilla Firefox
Mozilla Firefox