Job
Description
Job Description We are seeking a highly skilled DevSecOps Engineer with expertise in Sonar, GitLab, GitHub, and Jenkins to join our team. The ideal candidate should have experience in designing and implementing security solutions in a continuous delivery : Collaborate with developers, security engineers, and operations teams to integrate security into the development lifecycle. Design, implement and maintain the CI/CD pipeline using Jenkins, GitLab and GitHub. Implement automated security testing using SonarQube, Snyk, Blackduck etc. and other relevant tools. Develop and maintain security policies, procedures, and standards for the software development lifecycle. Develop and maintain secure coding standards and guidelines. Identify and remediate security vulnerabilities in the software development lifecycle. Conduct security reviews and penetration testing to ensure software security. Participate in incident response and handle security incidents. Work closely with development teams to implement security controls. Provide security guidance to other teams in the : Bachelor's degree in Computer Science, Information Technology or related field. At least 5 years of experience in DevSecOps, security engineering or related field. Experience in CI/CD tools such as Jenkins, GitLab, and GitHub etc. Experience in automated security testing using SonarQube or similar tools. Strong knowledge of security best practices, standards, and methodologies. Experience in designing and implementing security solutions in a continuous delivery environment. Experience with containerization technologies such as Docker and Kubernetes. Strong analytical and problem-solving skills. Strong communication and collaboration skills. Experience with scripting languages such as Python, Bash, or PowerShell. Thorough understanding of the SAST, DAST/IAST, VAPT, Performance Engineering, Application Performance Qualifications Master's degree in Computer Science, Information Technology or related field. Certifications in DevOps, Security, or related fields. Experience with cloud platforms such as AWS, Azure, or GCP. Experience with infrastructure-as-code tools such as Terraform or Ansible. Experience with network security and firewalls. Experience with intrusion detection and prevention systems (ref:hirist.tech) Show more Show less
