Description
Excellent role for a DevSecOps Engineer or DevOps Security Engineer/Architect!
Essential Experience:
- Minimum 3+ years' experience in a similar SecDevOps role, ideally in Public Sector programmes;
- Applying security best practices in a SecDevOps context
- Secure by design development and test best practices and frameworks (eg SAFECode);
- End-to-End delivery of services compliant with the Government Security Classification Policies and NCSC best practice and guidance;
- Public Cloud Security architectures, tooling and services (ideally AWS);
- Vulnerability and Malware detection products and processes (eg Nessus, OpenVAS, Snyk);
- System Monitoring/Protective Monitoring principles and solutions;
- Security test tooling and test automation;
- Security Risk Management Methodologies;
- System Hardening (Linux), Continuous OS Deployment, Patching and Reporting;
- Promoting awareness and training others on security best practices, processes and tooling;
- Participating in audits and ensuring compliance
- Provide support to service management teams for incident/change management (Impact Assessment) processes;
- Maintaining documentation, SyOps and SOPs;
- Leadership/engagement with Security Working Groups and stakeholders;
- Expertise with AlienVault or similar SIEM platforms;
- Supporting penetration Testing and IT Health Check processes;
- Working with collaborative tooling including JIRA and Confluence;
- Outstanding interpersonal, verbal and written skills, along with outstanding customer service skills.
Desirable experience:
- Working with Cyber Security Operations Centres;
- Experience of Open Source/Open Standards application development architectures and frameworks;
- Delivering secure services aligned to budgetary and evergreen agendas;
- Ethical Hacking;
- Innovating and promoting new secure technologies and services;
- Providing advisory services to senior programme stakeholder for promote policy, standards and procedural best practice compliance.