Devsecops Security Consultant Job in Mindpool Technologies Limited

Job Description

Collaborate with IT operations teams, advise on security best practices and ensure security requirements are followed

Work to embed security in the DevOps lifecycle by automating the scanning and reporting of known errors, securely managing passwords and keys and to continuously improve your Security practices

Build and maintain monitoring, auditing, and reporting frameworks that produces artifacts that support security and compliance needs

Work closely with product and platform teams to engineer and implement cloud security controls with a focus on DevSecOps

Implement a tools driven and highly automated approach to deliver key security management processes by maximizing use of existing toolsets

Qualifications

Build, monitor, and maintain continuous integration (CI) pipelines usingDevSecOpsarchitecture

Extensive experience in end-to-end DevOps Cycle like virtualization, automation, and deployment

Working knowledge of Testing and deployment automation with Jenkins and Ansible

Good working experience on Shell scripting, Maven, Appium, TestNG, Junit, RestHttpClient, Github, Maven, Jenkins, Ansible, Artifactory, Selenium Web Driver & SQL, Docker, Java, Python, Ruby, Perl, Scripting YAML

Good knowledge of Python

In depth security experience with Security specific tools: SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), SCA, vulnerability scanners/reporting, IAM, penetration test tools, network security scanners, reverse engineering tools, security Information & event Management (SIEM), ITSM etc.

Experience in API security and credentials management

Good experience in Containerization, Kubernetes / Docker / OpenShift clusters

Must have a good knowledge of the DevOps culture, principles and processes

Must have skills in IT Operations Management

Proficiency in security architectures, cybersecurity skills and knowledge of risk assessment techniques across the product

Experience in software development and SSDLC

Preferred expertise in design, implement, support and evaluate security-focused tools, vulnerability management tools and services.

Knowledge in security and compliance certifications: ISO27001, PCI, HIPAA, GDPR and SOC-2 compliance.

Proficient in Agile methodology with an ability to adapt quickly to changing technology requirements

Good working experience in any one cloud computing environment Azure, AWS or GCP native security tooling

Preferred to haveCloud Security Certifications in Azure, AWS or GCP

Preferred cyber Security Certifications like CSSLP, CCSP, CEH etc

Additional information

Good oral and written communication.

Very good analytical skills and listening skills

With Strong interpersonal and communication skills and ability to work as a team player.

Ability to work independently with minimal direction, self-motivated and have excellent attitude