DevSecOps Engineer

Company Details

Job Summary

  • Junior Security Architect
  • DevSecOps background
  • 12 months Initial

The Role

DevSecOps Engineer, 12 month initial

  • An experienced Junior Security Architect who has hands on Penetration Testing, DevSecOps experience ( 3 – 4 Years).
  • MUST have qualifications in cyber security and preferable experience working as a junior security architect within large banks.

The candidate will perform the following functions as an individual assignment:

  • Review solution designs & provide security solutions to ensure alignment to InfoSec standards, policies and organizational risk appetite.
  • Applying up-to-date knowledge of threat modeling, risk assessment techniques, code & config reviews and current best practices treat & counter cybersecurity threats
  • Responsible for securing hybrid cloud infrastructure & application deployment
  • Identify & remediate gaps in DevOps processes
    -Be involved in every stage in the software project lifecycle, from initial design and build to rollout and maintenance
    -Experience with CI/CD tools, such as Jenkins, GitLab CI/CD, CircleCI, Puppet etc
    -Experience Docker and Kubernetes etc.
    -Ensure reduction in security-related build time delays.
  • Review efficacy of security controls and treat findings.
  • Ensure information systems are under appropriate control from an information security point of view including maintaining compliance with PCI-DSS, ISO 27001, NSW & Australian Government standards.
  • Ensure alignment to security guard rails.
  • Collaborate with, and provide guidance to, service providers / internal teams to ensure timely and effective delivery of security services and outcomes.
  • Assist in delivery of tactical and strategic security and risks management programs.
  • Represent the Security and Risk team within the organization, its service providers and related parties.
  • Assist in the development of security policy, standards and processes
  • Manage the dependencies and the interfaces between projects
  • Implement program and project governance arrangements
  • Assist with development of security program strategy
  • Monitor and respond to issues at the project and program level as needed
  • Escalate decisions to sponsor and/or program advisory board as necessary
  • Manage relationships with internal and external stakeholders, including vendors, with respect to Program delivery
  • Control of documentation quality including program health checks when needed
  • Provide input into individual project content and provide advice and mentoring as required

The Person

  • Demonstrable and comprehensive experience in stakeholder management involving stakeholders at all levels of the organisation
  • Strong understanding of full system life cycle, its typical phases, the deliverable within the phases
  • Understanding of process improvement methodologies, related concepts, and frameworks
  • Outstanding ability to analyse, isolate and interpret business needs and develop appropriate requirements specifications


Tagged as: cyber security, docker/kubernetes, ci/cd tools, penetration testing, devsecops experience, junior security architect, threat modeling, risk assessment techniques

Visit us on LinkedInVisit us on FacebookVisit us on Twitter