We are seeking a highly skilled DevSecOps Engineer to join our team. In this role, you will be responsible for integrating security practices into our development and deployment processes. You will focus on automating security scans, integrating security tools into our CI/CD pipelines, and ensuring the security of our applications and infrastructure, particularly in AWS environments.
Key Responsibilities:
- Application Security Scanning: Implement and manage security scanning tools to identify vulnerabilities in application code, libraries, and dependencies throughout the development lifecycle.
- CI/CD Pipeline Integration: Integrate security scanning tools into GitLab CI and Jenkins to automate security checks as part of the continuous integration and deployment process.
- Container Security: Utilize tools such as Wiz to perform container security scanning and ensure that containerized applications are free from vulnerabilities. Build and maintain container scanning processes within GitLab CI/CD pipelines.
- Cloud Security: Apply security best practices and tools within AWS environments to safeguard applications and data. Monitor AWS security services and configure security policies to detect and respond to threats.
- Collaboration and Communication: Work closely with development, operations, and security teams to align security objectives with DevOps processes. Provide guidance and training on security best practices to other team members.
- Continuous Improvement: Stay up to date with the latest security trends, vulnerabilities, and tools. Continuously improve the security posture of the organization by integrating new technologies and practices.
Qualifications:
- Proven experience in DevSecOps, with a strong focus on integrating security into CI/CD pipelines.
- Hands-on experience with security tools such as Wiz, as well as container security scanning and management.
- Strong knowledge of CI/CD tools such as GitLab CI and Jenkins.
- Experience with cloud environments, specifically AWS, and understanding of AWS security services.
- Solid understanding of application security concepts, including vulnerability management and secure coding practices.
- Excellent problem-solving skills and the ability to work independently and as part of a team.
- Strong communication skills to effectively collaborate with cross-functional teams.
Preferred Qualifications:
- Certifications in AWS or cloud security (e.g., AWS Certified Security - Specialty, CISSP, etc.).
- Experience with scripting and automation tools (e.g., Python, Bash, Ansible).
- Familiarity with DevOps tools and practices, such as Docker, Kubernetes, Terraform, etc.
- Understanding of security frameworks and compliance standards (e.g., NIST, ISO 27001).\
Regards,
Gaganpreet Singh
Senior Talent Executive
www.dynpro.com