DevSecOps Lead

This listing has expired.

ID: 9890 Location: Budapest Job type: DevOps Engineer

Working as a member of the Security Architecture team, the DevSecOps Lead will focus on the implementation, management and continuous improvement of security controls.
The DevSecOps Lead will cooperate with Security Architecture and DevOps teams to implement defined security controls in the CI/CD pipeline. The DevSecOps Lead will advise development teams on how to design secure applications and cloud environments. As a person who understands deeply CI/CD pipeline technologies, the role will make decisions (based on security measures) about software deployment in production stage.

Key responsibilities

Implement, manage and continuously improve of security controls in Software Development Life Cycle
Be an Application security advisor
Make decisions (based on security measures) about software deployment in production stage
Perform required application security analyses (including threat modeling, risk assessment, business impact etc.)
Create and adjust automation for Pre-commit, Commit-time, Build-time, Test-time and Deploy-time checks
Closely cooperate with the rest of architecting/project teams

Requirements

A bachelors degree in Computer Science, Engineering, Information Security, or equivalent work experience
5+ years of relevant professional experience (Agile development, Continuous Integration and development (CI/CD), Secure software development (SSDLC), Applications IT Security, Cloud Security)
Proven hands-on experience with automation tools and scripting (Jenkins, Ansible, Terraform)
Proven hands-on experience with SVN tools like Git, Bit Bucket, Github.
Deep understanding about security concepts in Enterprise
Knowledge of industry regulations and requirements such as ISO27001, NIST, PCI-DSS, HIPAA and other industry standards
Experience in implementing and maintaining security controls and best practices for cloud components like VMs, microservices, serverless functions
Knowledge of applications security
Programming experience with scripting languages like Python, Bash, PowerShell
Experience in development and operations of ELK (Elasticsearch, Logstash, and Kibana, Winlogbeat and Beats) stack
Experience with AWS and/or Azure Cloud solutions
Proven hands-on experience with container security tools like Twistlock, Aqua Security, Sysdig, Snyk
Knowledge of trouble ticketing systems/CRM
Strong interpersonal and user service skills
Proficient knowledge about enterprise processes based on ITIL
English language skills (spoken and written)

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category .
cookielawinfo-checkbox-functional	1 year	The cookie is set by the GDPR Cookie Consent plugin to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Necessary" category .
cookielawinfo-checkbox-others	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Others".
cookielawinfo-checkbox-performance	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Performance".
JSESSIONID	session	The JSESSIONID cookie is used by New Relic to store a session identifier so that New Relic can monitor session counts for an application.

Cookie	Duration	Description
bcookie	2 years	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie	2 years	LinkedIn sets this cookie to store performed actions on the website.
lang	session	LinkedIn sets this cookie to remember a user's language setting.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_M9DV83L55K	2 years	This cookie is installed by Google Analytics.
_gat_UA-209057665-1	1 minute	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.
_gcl_au	3 months	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.

Cookie	Duration	Description
_fbp	3 months	This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
fr	3 months	Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.

DevSecOps Lead

Key responsibilities

Requirements

Application with CV

See more developers

See more experts