Assicurazione online per auto e moto del Gruppo Admiral
Vai al sito ConTe.it

Posizioni Aperte

DevOps Security Engineer

Business Support Area~IT
Professional

The DevOps Security Engineer will work with DevOps Teams to setup and maintain security pipeline components within the Software Development Life Cycle. Will be in charge of developing and improving existing automation processes with security as a key component. Will provide support to perform Threat Modeling Activities for the DevOps teams, acting as a trainer and SME. Will collect and report operational metrics to show the effectiveness and efficiency in the implementation of security controls supporting a continuous improvement process.

 

RESPONSIBILITIES

  • Develop a Secure By default mindset in DevOps teams
  • Automate security processes within the SDLC and implement Security tooling
  • Recollect IT DevOps groups findings and use it as lessons learned to reinforce the teams and reduce repetitive findings
  • Develop metrics for continuous improvement on security effectiveness
  • Develop and Implement a Dashboard to transparent and visualize security findings during SDLC, available for all developers
  • Provide feedback to Developers at every step of the software delivery lifecycle, from design through demos to helping out with test automation
  • Incorporate and enforce meaningful security controls without slowing down speed of deployment
  • Train DevOps teams in Software Security best practices
  • Execute Peer reviews (defensive coding and vuln check before commiting to the integration brunch)
  • Lead Threat modeling processes
  • Pursue DevSecOps Transformation, shifting security to the “left”
  • Train Security Champions and be as a second line of support
  • Run incremental static analysis
  • Continuous monitoring over Operation infrastructure
  • Evaluate security before each change goes into production

 

DESIDERABLE PROFILE (KNOWLEDGE AND EXPERIENCE)

Must to have

  • Technical education in Computer Science, Software Engineering or IT-oriented degree program
  • 3+ years Operations experience, preferably in a DevOps or similar role
  • Strong background in Information/Technical Information Security, with a minimum of 3-5 years of DevOps Security and Cybersecurity.
  • Experience with task automation using open source, customized scripts, and/or off-the shelf tools.
  • Experience managing automated build, continuous testing and integration systems and infrastructure supporting applications in a production environment
  • Experience as a developer
  • Flexibility
  • Strong communication skills
  • Can do attitude
  • Organizational skills
  • English level: B1

 

Nice to have

‚óŹ      CISSP, CISA, CRISC or similar certifications

Location: Rome