DevSecOps Engineer at GVA Partners

Responsibilities

• Working with Developers, DevOps, and Engineering teams in a dynamic environment to promote/implement the DevSecOps program throughout the organization.
• Coordinating and performing vulnerability assessments through the use of automated and manual tools (Tenable, NMAP, etc).
• Review and analyze vulnerability data to identify security risks to the organization's network, infrastructure, and application's and determine any reported vulnerabilities that are false positives.
• Prepare security vulnerability and risk management reports for management.
• Configure, implement and leverage computer security and networking diagnostic/monitoring tools.
• Work with APIs and Plugins to integrate security tools into established CI/CD pipelines.
• Implement secure automation solutions for all environments.
• Provide deployment capability to deliver products to point of need, including multiple cloud based solutions.
• Incorporate best practices to increase the quality & velocity of deployments.
• Implement security best practices and configuration management.
• Increase system performance with a focus on high availability and scalability.
• Employ infrastructure as code paradigm to increase automation, scalability, and reliability.
• Perform technology watch related to industry trends, best practices, and competition.

Requirements

• Bachelor's Degree in Computer Science, Information Technology or any other related field  with minimum of 5 years’ experience
• Developed CI/CD solution preferably using Gitlab
• Experience with Docker, Kubernetes, HSM's, Terraform and Ansible
• Scripting experience in Bash and Python
• Able to work under pressure in event of a production failure issues
• Leadership and Teaming skills to coordinate remediation of vulnerabilities within established timeframes.
• Familiarity with Information Security frameworks/standards (i.e. CIS, NIST, RFC2196, etc).
• Comprehension in the security areas of Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, Security and Monitoring tools, etc.
• Knowledge of Windows and Linux patch management and related information security functions (authentication, encryption, iptables, SSL, Ciphers, etc)