This is an exciting opportunity for an experienced Software Engineer to join a growing Cyber Security business. As a Devsec Engineer you will have the opportunity to develop a long-term career and make a real difference to the success of the team and business. A Devops methodology is being introduced into their development and with their third parties.
As a Software Engineer you will be responsible for the building, testing and maintenance of the infrastructure and tools to allow for development and release of software, containerising software and integrating security practices at every phase of software development.
As the Devsec Engineer you will be responsible for the following
* Build and set up new development tools and infrastructure to provide a security environment within which an Agile approach to development can operate.
* Identify and incorporate security practices into the software build mechanism and engineering development infrastructure, including control of containerised areas, automating as appropriate.
* Develop and test installations for products ensuring adequate levels of security; release products to internal and external customers, ensuring quality standards and specifications are met.
* Incorporate threat analysis and vulnerability scanning and patching into the release cycle to ensure common vulnerabilities and exposures are minimised.
* Ensure that all the product build materials, e.g. Installations, source code, and documentation, are appropriately backed up and archived.
* Develop and maintain installation packages for all relevant products, ensuring that installations do not adversely affect other products.
* Ensure systems and software are compliant through patch management
* Manage solution releases and packaging for both internal and external environments through a variety of media.
The Devsec engineer will have the following experience: -
* Proven experience in Software Development
* Knowledge of DevSecOps, tools and practices, including Git, Kubernetes, Docker and Jenkins. Experience in AWS, containers, orchestration, registries, networking and networking protocols. Understanding of threat modelling and risk assessment techniques.
If this is the role for you, then apply today