Job
Description
Designation: Manager Experience: 8 to 14 years If anyone is interested, please share your resume with cbruno@trinitylifesciences.com Role & responsibilities Create and implement security practices & tools within CI/CD pipelines where applicable to integrate security into the DevOps lifecycle. Identify, evaluate, and remediate security vulnerabilities in applications and infrastructure. Design, develop, & implement solutions to address infrastructure & security requirements. Develop, manage & integrate into CI/CD pipelines automated security testing processes. Oversee security incidents, including monitoring, analysis, and response. Align security practices with project goals in development, operations, & security teams. Set up and manage security monitoring tools and processes. Ensure team creates and maintains comprehensive documentation of security practices, procedures, and incidents. Provide training & guidance to team on security best practices & emerging threats. Be apprised of latest developments in DevSecOps & Cloud to keep the DevSecOps processes current and relevant. Build and support a team of DevSecOps Engineers Preferred candidate profile At least 5 years of proven work experience in DevSecOps, security engineering, or a related field. At least 3 years of people management experience. Bachelors degree in computer science, Information Security, Physics, Mathematics, or a related technical field. Good understanding of security principles, tools & practices for experience with CI/CD tools (e.g., Jenkins, GitLab CI/CD). Proficiency in scripting languages (e.g., Python, Bash). Knowledge of security practices for AWS, Azure, and GCP. Expertise in vulnerability scanning and assessment tools, such as Snyk and InsightAppSec, and familiarity with security services like Wiz, SIEM, SOC, and SentinelOne. Skills in managing security incidents and conducting threat analysis. Familiarity with configuration management tools. Knowledge of API Security, Container Security, and AWS Cloud Security. Understanding compliance standards and policies such as, HIPAA, SOC2, GDPR, and CCPA, including related certification and audit processes. Strong communication skills, with the ability to effectively convey complex security concepts to technical and non-technical stakeholders. Continuously monitor security controls for all IT Security frameworks Other Skills Relevant security certifications such as CISSP, CEH, AWS Certified Security Specialty. Experience with security frameworks and standards (e.g., NIST, OWASP). Skills in penetration testing and ethical hacking. Experience with DevOps tools (e.g., Docker, Kubernetes). Masters degree in Cybersecurity, Computer Science, Information Security, or a related field. The DevSecOps Manager plays a pivotal role in guiding Trinity teams through the integration of security practices into their software development and operations processes. This management role also brings a wealth of expertise to foster a culture of collaboration, continuous security, and efficiency. The DevSecOps Manager is responsible for building and managing a team of DevSecOps engineers. The team will need to collaborate closely with other cross-functional teams, offering strategic insights to enhance security measures across the entire software development lifecycle. This role requires a profound understanding of DevSecOps principles, a hands-on approach to implementation, the ability to navigate the evolving landscape of cybersecurity threats, team management and team career pathing. The DevSecOps Manager assesses existing development pipelines, identifying opportunities to embed security measures seamlessly. They work closely with development and operations teams to implement automated security testing, code analysis, and deployment processes. Incident response planning and execution form a critical aspect of the role, ensuring swift and effective resolution in case of security breaches.
