Do you like to create exploits for vulnerabilities, but at the same time help teams deploy mitigations and workarounds for those vulnerabilities to keep them safe. Can you explain a specific vulnerability to individuals who are not tuned to think application security
We are looking for a DevSecOps Engineer with a passion to drive automation at all stages of software development, release, operations and maintenance.
· As one of our DevSecOps Engineers your primary role will be to design, implement, and verify technical solutions to mitigate security issues in Business IT landscape
· Perform Design review, Penetration testing, code and configuration review for applications built on modern tech stacks like Java, Node, Go, PHP, Python, Angular, React, NoSQL, etc.
· You will provide advice on security best practices, and guide teams in developing, adopting, and enforcing security and access policies appropriate to their cloud platforms of choice
· You will perform VAPT on cloud assets, deliver remediation recommendations, and provide knowledgeable assistance in resolving identified vulnerabilities
· You will be actively involved in designing, developing, and integrating commercial and open source security tools in the DevOps pipeline
· Design and implement security automation as part of the continuous integration (CI) and continuous delivery (CD) pipeline of key Business teams in order to proactively uncover security vulnerabilities in a shift-left approach
· Design and implement secure architecture to protect the confidentiality, integrity, and availability of the CI and CD pipelines of key Business teams
· Work effectively with various stakeholders from development, quality engineering (QE), program management, documentation, and security teams
· Create artifacts for various stakeholders and customers