Skills:
Security Automation, Continuous Integration/Continuous Deployment (CI/CD), Vulnerability Management, Cloud Security, DevOps Tools (e.g. Jenkins, Docker), Compliance and Risk Management, Secure Coding Practices, Threat Modeling,
Responsibilities
Create, develop, and implement solutions to address infrastructure and security requirements.
Identify the needs for build automation, designing, and implementing CICD solutions.
Consult on DevSecOps requirements from diverse application/line of business partners.
Create plug-and-play/reusable solutions and patterns for CICD pipelines.
Create, develop, and implement automation and system integration for various build platforms.
Publish and disseminate CICD best practices, patterns, and solutions.
Ensure that the services uptime and response time SLAs/OLAs are met or surpassed.
Build or maintain CICD building blocks and shared libraries proactively for app and development teams to enable quicker build and deployment.
Design action plans to address CICD platform/tools/solutions shortcomings and difficulties.
Actively participate in bridge calls with team members and contractors/vendors to prevent or quickly address problems.
Troubleshoot, identify, and fix problems in the DevSecOps domain.
Ensure incident tracking tools are updated in accordance with established norms and processes, gather all essential data and document any discoveries and concerns.
Identify management concerns and problems, assess them, and offer prompt solutions and/or escalation.
Align with technological Systems/Software Development Life Cycle (SDLC) processes and industry-standard service management principles (such as ITIL).
Create and publish engineering platforms and solutions.
Qualification: B.E./B.Tech/MCA
Work experience: 2-5 Years
Comprehensive technical expertise in a variety of DevSecOps toolkits, including Ansible, Jenkins, Artifactory, Jira, Fortify, Black Duck, Trivy, Terraform, Git/Version Control Software, or comparable technologies.
Familiarity with information security frameworks and standards.
Knowledge of DevOps Automation (TerraFrom, GitHub, GitHub Actions).
Familiarity with API Security, Container Security, AWS Cloud Security.
Knowledge of PCI-DSS, HIPPA, SOX, GDPR, and CCPA Standards and Policies and the associated certification and audit processes.
Familiarity with Amazon AWS policy, configuration, and security management tools.
Experience with security automation and machine learning.
Proven capacity for thinking leadership and a highly creative problem-solver.
Excellent analytical and interpersonal skills.
Ability to express technical information clearly at different organizational levels.
- Systematic problem-solving skills, with the ability to think.
- Excellent in analytical thinking for translating data into informative visuals and reports.
- Adaptable to change.
- Quick Learner Open learn and work on new technologies and Products
