AppSec
About the job
We are seeking a fresh graduate DevSecOps Engineer to join our team. The ideal candidate will have a strong background in both software development and security, with knowledge in implementing security controls and practices within a DevOps environment. The DevSecOps Engineer will be responsible for ensuring the security of our client’s software development pipeline and infrastructure by implementing security controls, automating security testing, and providing guidance and best practices to development teams.
Responsibilities
- Implement security controls and practices within the software development pipeline, including continuous integration and continuous delivery (CI/CD)
- Automate security testing, including static and dynamic analysis, as part of the software development pipeline
- Provide guidance and best practices to development teams to ensure secure coding practices
- Stay current with new vulnerabilities and attack techniques
- Collaborate with other teams to ensure that security is integrated into the software development lifecycle
- Participate in incident response and remediation activities as needed
- Ensure compliance with industry and regulatory standards
- Conduct threat modelling and penetration testing.
Qualifications
- Knowledge in software development and security
- Strong understanding of DevOps principles and practices, including CI/CD
- Familiarity with industry standard security testing tools (e.g. Burp Suite, OWASP ZAP, etc.)
- Familiarity with common web and mobile vulnerabilities (e.g. SQL Injection, XSS, CSRF, etc.)
- Strong understanding of software development principles and the software development lifecycle
- Experience with programming languages such as Python, Java, .NET, and JavaScript
- Strong communication and report writing skills
- Familiarity with cloud environments (e.g. AWS, Azure)
- Knowledge in Docker and Kubernete
Posted on Oct 30, 2023.