Description
DevOps Information Security Consultant - Insurance/DevOps/Security/Data Analytics
KEY SKILLS
DevOps
Information Security
Insurance
Framework Building
THE ROLE
A leading London based insurer is looking for a DevOps Information Security Consultant to help develop an application security framework that reduces the impact on time it takes the security team to do due diligence on a DevOps framework.
The framework should include:
- A methodology defined for assessing risks posed by new DevOps code and consider the impact across the entire application estate.
- A criteria for deciding which changes need automated vulnerability scan or automated code review, and which changes would require a penetration test or a manual code review.
- Procedures for managing approved trusted libraries and maintain an inventory. It is expected that consultancy guidance for the DevOps team on how to use the libraries securely will be provided.
- Policies and procedures that define acceptable risk levels.
THE CLIENT
A leading London insurer.