This job has expired

DevSecOps Delivery Consultant

Employer
myGwork
Location
UK
Salary
Competitive
Closing date
23 May 2022

View more

Sector
Technology & New Media
Contract Type
Permanent
Hours
Full Time
You need to sign in or create an account to save a job.
The job on offer
Capgemini's Global Cybersecurity Practice of over 4,000 professionals delivers projects, consulting and Managed Run services in all areas of IT and OT, from networks to cloud services and everything in between. Within this practice, we have a thriving and growing Global DevSecOps community. Not only are we seeking to grow our reputation within Capgemini but also to lead and innovate externally through contributions to relevant industry bodies such as OWASP. It is our ambition to become renowned as a leader in the delivery of DevSecOps. We are determined to grasp the opportunity presented by the cultural change bought about by DevOps and embed security as a true enabler, delivering continuous security improvement at the pace demanded by modern digital business.

You will provide security consulting and delivery capability to our customers as a trusted authority, architecting and delivering secure CI/CD pipelines for promotion of applications and infrastructure into hybrid cloud environments, while embedding security tooling and adopting a 'shift-left' approach.

You will provide security consulting and delivery capability to our customers as a trusted authority, architecting and delivering secure CI/CD pipelines for promotion of applications and infrastructure into hybrid cloud environments, while embedding security tooling and adopting a 'shift-left' approach.
Your role
As a DevSecOps Delivery Consultant you'll consult and delivery across one or more of the following areas:

• Helping our clients to architect secure CI/CD pipelines.
• Assessing the maturity of security within our clients DevOps processes.
• Embedding static, dynamic, interactive and mobile application security testing tools within application CI/CD pipelines.
• Embedding Software Composition Analysis tools within CI/CD pipelines.
• Embedding container vulnerability scanning tools within CI/CD pipelines.
• Automating the delivery of secure cloud configurations within AWS, Azure or GCP using Infrastructure as Code.
• Embedding tools to scan Infrastructure as Code and test compliance with organizational cloud security policies within infrastructure CI/CD pipelines.
• Definition of guardrails using cloud native technologies such as Azure Management Groups and Azure Policy or AWS Organizations and Service Control Policies.
• Automating secure configurations using tools such as Chef, Puppet and Ansible.
• Delivery of DevSecOps pipelines with security tooling embedded within them using automation servers.
• Definition of security requirements for container management services based on Kubernetes and Docker.
• Definition of security requirements for source code repositories, binary repositories and secrets managers used within CI/CD pipelines.
• Working closely with software engineers and/or platform engineers to embed security thinking into DevOps teams.
• Delivery of security training to software engineers and/or platform engineers.
• Development of secure coding standards.
Your profile
• You will be comfortable working alone or as part of a team bring to use your experience in one or more of the following:
• Practical hands on experience of embedding security within CI/CD pipelines.
• Confident architecting solutions for one of the major public cloud platforms.
• Experience using application security testing tools and interpreting results.
• Proven ability to develop DevSecOps requirements and lead development and delivery or DevSecOps architectures.
• Experience working as a client-side advisor leading DevSecOps initiatives.
• A thirst for knowledge, a self-starter who is interested in expanding their experience through continual development.

Key Technologies you'll use (one or more of): AWS / Azure / GCP, GitHub / GitLab, Azure DevOps, Docker / Kubernetes, Jenkins / TeamCity / CircleCI / Bamboo, Chef / Ansible / Puppet, Veracode / CheckMarx / Fortify, OWASP ZAP / Burp Suite, Snyk, Terraform, JFrog Artifactory / JFrog X-Ray.
Why Capgemini is unique
Employee wellbeing is vitally important to us as an organisation. We see a healthy and happy workforce a critical component for us to achieve our organisational ambitions. To help support wellbeing we have trained 'Mental Health Champions' across each of our business areas. We have also invested in wellbeing apps such as Thrive and Peppy.

We work with a range of clients all with a unique set of business, technological and societal ambitions. Working for Capgemini you get to be at the forefront of designing future experiences, which truly impact our clients and wider society for the better.
About Capgemini
Capgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. The Group is guided everyday by its purpose of unleashing human energy through technology for an inclusive and sustainable future. It is a responsible and diverse organization of 270,000 team members in nearly 50 countries. With its strong 50 year heritage and deep industry expertise, Capgemini is trusted by its clients to address the entire breadth of their business needs, from strategy and design to operations, fuelled by the fast evolving and innovative world of cloud, data, AI, connectivity, software, digital engineering and platforms. The Group reported in 2020 global revenues of €16 billion.

Get the Future You Want | www.capgemini.com

This employer is a corporate member of myGwork - LGBTQ+ professionals, the business community for LGBTQ+ professionals, students, inclusive employers & anyone who believes in workplace equality.
You need to sign in or create an account to save a job.

Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert