The work will often involve being a part of the different phase(s) of the project lifecycle - from establishing the scope and requirements; reviewing existing or planned architectures, with security in mind, down to assisting in security tooling selection; security testing process automation and configuration.
Responsible for building and setting up new development tools and infrastructure utilizing knowledge in continuous integration, delivery, and deployment (CI/CD), Cloud technologies, Container Orchestration and Security. Build and test end-to-end CI/CD pipelines, ensuring that systems are safe against security threats.
- Bachelor's Degree or higher in Computer Science, Computer Engineering, Information Technology, or similar
- Any Security, Cloud or DevOps certifications is a plus.
- 3+ years of Linux, Python, AWS, git experience
- 3+ years of experience debugging (grepping logs, stack traces, tracking down permissions issues, etc.)
- 3+ years experience in system/software solution development and delivery
- Experience in Cloud Automation DevOps
- Experience in management and definition of security in the software development lifecycle (SDLC) and application security testing
- Experience conducting security tests (static and dynamic code analysis, vulnerability assessments in applications and penetration tests, security component analysis)
- Knowledge of common static and dynamic security testing and vulnerability assessment tools (examples: ZAP, BurpSuite, AppScan, Nessus, Qualys, BlackDuck, Nmap, Snyk, DependencyCheck, Aqua, Fortify, Checkmarx etc.)
- Knowledge about and experience in work with DevOps tools - Jenkins, SonarQube, Ansible etc.
- Hands-on scripting or programming experience
- Experience in threat modelling
- Experience delivering big data solutions
- Experience with commercial or government cloud solutions (AWS, etc)
- Configuration & Release Management (P2 - Intermediate)
- Agile working experience is a plus.
Swati Kiran License No.: 02C3423 Personnel Registration No.: R1878571