Live Connections
Location
Chennai | India
Job description
Senior Technical DevSecOps Consultant
Job Description: Senior Technical DevSecOps Consultant Experience level: 5+ years Role Description As a Senior Technical DevSecOps Consultant, you will play an integral role in our software security team. You will work as a security consultant, implementing DevSecOps in different projects. Additionally, you will collaborate with development teams on their CI/CD solutions to implement application security into the SDLC. Responsibilities: 60% technical work, 40% consultancy and coordination • Work as a security consultant, implementing DevSecOps in different projects. • Collaborate with multiple teams on large-sized projects. • Resolve challenges on complex projects and take responsibility for outcomes. • Communicate effectively, present findings, and collaborate with stakeholders. • Integrate security across the entire Software Development Life Cycle (SDLC). • Assist development teams in integrating automated security tests into their DevOps processes and development environments. • Advise on production-relevant vulnerabilities and eliminate false positives from security reports. • Define and document metrics to assess the effectiveness and efficiency of the Secure Software Development Life Cycle. • Support technical teams in resolving application-related risks and assist development teams in defining and planning security tests. • Define cyber security solutions and tools to support DevOps activities. • Act as a communicative interface, coordinating with relevant contacts within the including Cyber Security and specialist departments. Required Skills: 1. Security Consulting skills: Primary Skills: • Strong communication and interpersonal skills. • Ability to effectively communicate with developers, security professionals, and management. • Ownership and proactivity in identifying, planning, delivering, and tracking activities. 2. Technical skills: • Proficient in DevOps tools and previous working knowledge as a Developer, with hands-on experience in the many of the following: • Good understanding of CI/CD concepts and Pipeline tools: CircleCI OR Jenkins OR GitHub Actions OR GitLab Runner • Infrastructure as Code: Terraform / Ansible / AWS CloudFormation. • Virtualization technologies: Awareness of Container technologies (e.g., Kubernetes). • Programming/Scripting Skills: Python / PowerShell / Shell / Bash / SQL. • Strong knowledge of the Software Development Lifecycle. • Experience working within an Agile setting and knowledge of Agile methodology. 3. Nice to have (Optional): • Knowledge of DAST, SAST, IAST, Container Security Tools, SCA, Secrets Scanning is Preferred • Knowledge on Code Security Testing Tools (one or more): Veracode, Black Duck, Snyk, Sonarqube, SourceClear, OWASP Dependency Check, Dependabot • Security Risk Management: Understanding of security risk management and ability to conduct risk assessments for development teams. • Knowledge of compliance regulations and industry standards, such as OWASP Top 10, NIST, GDPR, and PCI-DSS. ITA Specific: • Hands-on experience in one or more of the following: Java, C#, Kotlin, Swift, NodeJS, React. • Hands-on experience in serverless architectures and API development Other Skills: • Very proficient in the English language, both verbal and written. • User-focused with a 'can-do' attitude and a passion for application security. • Strong background in technical leadership within engineering teams. • Experience in mentoring. • Participation in the end-to-end delivery lifecycle. • Hunger for learning and ability to think outside the box. • High attention to detail. • Comfortable working in a fast-changing environment. • Excellent communication skills. With Regards Madhan [email protected]Job tags
Salary
