DevSecOps Engineer

Salary: £65,000 + Benefits



Our client has been established for over 30 years and are seeking a DevSecOps engineer for their expanding business.

 

Reporting to the Head of Software Product Development, the DevSecOps Engineer will work as part of the Technology team to lead the technical implementation and maintenance of automation infrastructure to improve the collaboration and productivity of software development teams. This includes providing a robust CI/CD pipeline, allowing code to be validated for quality and security and deployed continuously.

 

The DevSecOps Engineer is responsible for maintaining secure and robust environments to deliver software to customers efficiently. They will monitor the performance of the environments and proactively identify capacity requirements and opportunities for efficiencies.

 

Essential Criteria

 

·         BSc (or relevant work experience) in computer science, cyber-security or a related field, including engineering, mathematics, and other STEM subjects

·         Good Knowledge of security best practices for client-server product architectures, focusing predominantly on cloud-based server development.

·         Solid communication skills and expertise in translating technical jargon into business familiar language

·         Comprehension in the security areas of Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, Security and Monitoring tools, etc.

·         Familiarity with Amazon AWS & Microsoft Azure Policy, Configuration, and Security Management tools.

·         Familiarity with API Security, Container Security, AWS & Azure Cloud Security

·         Self-motivated, proactive, driven individual with strong problem-solving skills

·         Experience working on Cloud Platforms (AWS & Azure)

·         Proficiency in Bash, Python or other scripting languages

·         Three years of experience working in DevOps/Security culture in a production environment.

·         Review and analyse vulnerability data to identify security risks to the organisation's network, infrastructure, and applications.

·         DevOps Automation: Puppet, Ansible, GitHub, Bitbucket Cloud

·         Experience working within modern application development and engineering teams using DevOps & Agile methodologies.

·         Experience coordinating and performing vulnerability assessments using automated and manual tools.

·         Experience configuring, implementing and leveraging computer security and networking diagnostic/monitoring tools

·         Ability to work with APIs and Plugins to integrate security tools into established CI/CD pipelines.

 

Desirable Criteria

 

·         Industry certifications (CompTIA, MSCA, LPIC) are a bonus

·         CISM, CISSP or other Security Certifications

·         Auditing and Compliance Certifications such as PCI-ISA and PCIP.

·         Knowledge of PCI-DSS, GDPR Standards and Policies and the associated certification and audit processes.

·         Experience with containerised frameworks like Docker.

·         Experience in establishing and maintaining enterprise estate as Infrastructure as Code with a working

·         Knowledge of Terraform, ARM templates, Bicep and other cloud vendor-specific template protocols

 

Main Responsibilities

 

·         Design and implement security systems within the organisation in consultation with our Information Security officer and SOC partners

·         Perform data analysis and conduct forensic investigations when required.

·         Promote a healthy security culture by providing Knowledge and support to our developers and help create security by designing products and services.

·         Responsible for defining and implementing the build, deployment and monitoring standards.

·         A part of agile development teams to deliver end-to-end automation of deployment, monitoring, and infrastructure management in a cloud environment.

·         Build and configure delivery environments supporting CD/CI tools using an agile delivery methodology.

·         Create scripts and templates to automate and bootstrap infrastructure provisioning and management tasks.

·         Working closely with our development team to create a continuous automated integration (CI) and continuous delivery (CD) system.

·         Work together with vendors and other IT personnel for problem resolution.

·         Monitor and support all installed systems and infrastructure.

·         Participate in health-monitoring and incident support of software delivered into Production environments by the Team as required (including Out of Hours if necessary).

·         Develop custom scripts to increase system efficiency and reduce human intervention time on tasks.

·         Install, configure, test and maintain operating systems, application software and system management tools.

·         Oversee the company's security, backup, and redundancy strategies.

·         Evaluate application performance, identify potential bottlenecks, develop solutions, and implement them with the help of developers.



Job Title: DevSecOps Engineer

Location: Glasgow

Salary: £65,000 + Benefits

Job Type: Permanent

Job Reference: PH10454

 

Wilde Associates is working in the capacity of an Employment Agency in respect of this vacancy