Job Summary

• Junior Security Architect
• DevSecOps background
• 12 months Initial

The Role

DevSecOps Engineer, 12 month initial

• An experienced Junior Security Architect who has hands on Penetration Testing, DevSecOps experience ( 3 – 4 Years).
• MUST have qualifications in cyber security and preferable experience working as a junior security architect within large banks.

The candidate will perform the following functions as an individual assignment:

• Review solution designs & provide security solutions to ensure alignment to InfoSec standards, policies and organizational risk appetite.
• Applying up-to-date knowledge of threat modeling, risk assessment techniques, code & config reviews and current best practices treat & counter cybersecurity threats
• Responsible for securing hybrid cloud infrastructure & application deployment
• Identify & remediate gaps in DevOps processes
  -Be involved in every stage in the software project lifecycle, from initial design and build to rollout and maintenance
  -Experience with CI/CD tools, such as Jenkins, GitLab CI/CD, CircleCI, Puppet etc
  -Experience Docker and Kubernetes etc.
  -Ensure reduction in security-related build time delays.
• Review efficacy of security controls and treat findings.
• Ensure information systems are under appropriate control from an information security point of view including maintaining compliance with PCI-DSS, ISO 27001, NSW & Australian Government standards.
• Ensure alignment to security guard rails.
• Collaborate with, and provide guidance to, service providers / internal teams to ensure timely and effective delivery of security services and outcomes.
• Assist in delivery of tactical and strategic security and risks management programs.
• Represent the Security and Risk team within the organization, its service providers and related parties.
• Assist in the development of security policy, standards and processes
• Manage the dependencies and the interfaces between projects
• Implement program and project governance arrangements
• Assist with development of security program strategy
• Monitor and respond to issues at the project and program level as needed
• Escalate decisions to sponsor and/or program advisory board as necessary
• Manage relationships with internal and external stakeholders, including vendors, with respect to Program delivery
• Control of documentation quality including program health checks when needed
• Provide input into individual project content and provide advice and mentoring as required

The Person

• Demonstrable and comprehensive experience in stakeholder management involving stakeholders at all levels of the organisation
• Strong understanding of full system life cycle, its typical phases, the deliverable within the phases
• Understanding of process improvement methodologies, related concepts, and frameworks
• Outstanding ability to analyse, isolate and interpret business needs and develop appropriate requirements specifications

Tagged as: cyber security, docker/kubernetes, ci/cd tools, penetration testing, devsecops experience, junior security architect, threat modeling, risk assessment techniques