Devsecops Architect

Project Description**:

DevSecOps Architect role will have a major role to help implementing shift left security in DevSecOps program and define the required security guardrails.

In addition, the role will cover leading a team of DevSecOps Security members (Security Testers and Risk Assessors) as those members will be working with dedicated teams of developers to perform many activities such as security scanning, penetration testing and risk assessment (threat modeling).

Also establishing security champion program with secure code warrior.

Responsibilities:

• Develop and update internal cyber security function processes for DevSecOps program
• Craft cyber security function requirements on the DevSecOps program:
• Cybersecurity tools requirements and the integration to CI/CD pipelines to improve developer productivity, agility and code quality

Prepare and present design and implementation documentation to multiple stakeholders.

• Requirements for Application Security Orchestration & Correlation (ASOC)
• Requirements for integrating all Application security tools (DAST, SAST, SCA, IAST, MAST and Threat Modeling) and vulnerability scanning tools ( Nexpose, Qualys, Nessus) with CI/CD tools
• Implementing Security Guardrails
• Mentor and coach juniorlevel DevSecOps security team member
• Work closely with crossfunctional stakeholders to analyze and troubleshoot complex production issues.
• Collaborate closely with development teams to understand their current build and release processes and make recommendations for improvement.
• Partner with crossfunctional stakeholders, including development, operations, quality assurance and security, to streamline processes.
• Provide guidance to development teams to improve performance and operability of the solutions they develop.
• Continuously improve automation idea to enable teams to secure code efficiently and consistently.
• Highlight automated testing requirements to reduce manual effort and improve product quality.

Skills:

Must have

• 10+ years of relevant experience
• Experience with establishing DevSecOps practice
• Experience with agile development and strong understanding of DevOps principles.
• Has extensive experience in penetration testing and threat modeling
• Has extensive knowledge about IT change management and DevSecOps methodology
• Has experience in establishing effective DevSecOps Security team
• Has experience in establishing security champion program or secure code warrior
• Has experience in establishing and configuring Application Security Orchestration & Correlation (ASOC)
• Has experience in (DAST, SAST, SCA, IAST, MAST and Threat Modeling ) Solutions
• Has experience in CI/CD pipeline
• Strong collaboration skills, with a demonstrated ability to work well as part of a team.
• Strong analytical and troubleshooting skills.
• Strong verbal and written communication skills.
• Has experience in securing docker and Kubernetes

Nice to have

Languages:

English:
C1 Advanced

Seniority:

Lead

Relocation package:

If needed, we can help you with relocation process.

Vacancy Specialization

DevOps

Ref Number

VR-82204

---