Description
DevOps Engineer - Security | 6 month+ contract, project until 2021 | West London | Up to £525 per day
You'll be working within a small team within a global organisation reporting into the Information Security Lead who need help in reviewing the company's overall DevOps processes with security at the forefront. The role shall require collaborating with the Information Security team in aligning the organisations Digital Transformation programme whereby we are seeking someone who can audit and align a common tooling approach to DevOps ensuring all aspect of security testing with the tooling is implemented and documented.
Candidate should be considered to be very experience in using security related tools used in pipeline components and also have practical hands-on experience with deploying infrastructure through CI/CD procedures whilst working hand in hand with the information security department.
Responsibilities:
- Coordinate and audit current as-is and to-be automation delivery mechanisms and tooling to support security testing
- Look at ways to bring some innovative techniques to improving the security posture for all aspects of security testing using DevOps
- Stay up-to-date on current information security threats.
- Advise and consult with project teams on SecDevOps processes and techniques with the ability to be practical about demonstrating Proof of Concepts
- Work to organise a centralised dashboard to collect and analyse pipeline reports specific to security issues
- Administer access controls and security oversight for key third-parties.
- Generate and highlight security risks based on findings working with in-house project teams
Requirements:
5+ years. hands on experience in the DevOps fields with good exposure to Information Security.
In-depth experience with AWS/Azure security.
Experience in using one or more of the following DevOps Tools:
- Ansible or Terraform and also CloudFormation or generically Infrastructure as a Code (IaC) and techniques surrounding the build and testing of IaC
- Some PowerShell experience would be ideal
- Python and some basic Javascript
- Jenkins and SaaS based pipelines (GitDevOps and Bitbucket)
- Docker and Container Orchestration
- Jira and Confluence
Knowledge of information security industry trends and ability to thoughtfully and effectively integrate new security technology.
Knowledge of security risk frameworks such as ISO 27001 or NIST 800 series.
Comfortable in a fast-paced, lean environment.
BS in Computer Science, Engineering or equivalent degree.