Domain Expert - Systems

The role of a DevSecOps Domain Expert in Mumbai, MH, IN focuses on being well-versed in DevOps processes, Application Security, and automation practices to ensure the security, efficiency, and reliability of DevSecOps processes. As a crucial team member, you will be responsible for integrating security within the CI/CD pipeline, implementing best practices throughout the development life cycle, and enhancing productivity through Process Automation. Key Responsibilities include: - Implementing and managing security automation practices within DevOps pipelines to ensure secure software development and deployment. - Identifying, assessing, and mitigating vulnerabilities in applications while enforcing security policies and guidelines. - Conducting threat modeling, vulnerability assessments, and risk analysis to identify security gaps and propose effective solutions. - Providing security guidance to developers, ensuring adherence to secure coding practices, and conducting security standards reviews. - Incorporating Security best practices in the SDLC life cycle and offering training and mentorship on secure coding principles to developers. - Designing, building, and maintaining automated pipelines with integrated security tools such as SAST, DAST, and vulnerability management. - Establishing monitoring systems for DevSecOps onboarding, deployment, and runtime application security, and collaborating on incident response and investigations. - Documenting and maintaining policies and procedures for secure development and deployment. - Keeping abreast of industry trends and emerging technologies in DevSecOps and Application security to identify opportunities for process enhancement. Qualifications Required: - BE (Comp Sc. / IT), Masters Degree (Comp. Science/IT), MCA Previous Experience: - 8+ years of overall experience with a minimum of 3 years in DevSecOps and Application security. - Proficiency in CI/CD tools like Jenkins, GitLab, and security tools such as F5, Fortify, SonarQube. - In-depth understanding of secure coding practices and application security testing methodologies. This role offers a unique opportunity to contribute to the security, efficiency, and scalability of DevSecOps processes while staying updated on industry best practices and technologies.,