This job has expired

Lead DevSecOps Consultant

Employer
Concept Resourcing
Location
UK
Salary
Competitive
Closing date
23 May 2022

View more

Sector
Technology & New Media
Contract Type
Permanent
Hours
Full Time
You need to sign in or create an account to save a job.
Lead DevSecOps Consultant - DevSecOps Consultant - DevSecOps - NIST - CISSP - OWASP - Safecode - SYNK - Fortify - Remote Working - Permanent - £70- £80k Base DOE + Excellent package

Location: Remote

Salary: £70k- £80k + Package

The Role:

This is an exciting opportunity to join our client's Security Operations Team as a Lead DevSecOps Consultant, supporting the next phase of their growth. You'll be joining a culture of knowledge sharing and continuous learning with expert peers in SecOps and engineering. We aim to create an environment where everyone can reach their full potential. We work together, we are passionate, creative, and we embrace difference.

As the Lead DevSecOps Consultant will be required to support our client to define and implement security architectures and solutions that match their clients' requirements. You'll work in close partnership with their clients to ensure the delivery of expert services by complementing their inhouse Information and Cyber Security resources combining expertise in information security, testing, automation, and business advice.

Responsibilities:

Provide technical leadership within a software engineering environment, covering all components of the development process, and supporting infrastructure.
Repo Configuration and management
Produce gap analysis on current controls and configurationsusingNCSC,OWASPandSafecode, including:
Repo configuration and management
The tuning and configuration of tooling.
Optimisation of Automated processes.
Awareness of good practice across development/feature teams.
Supporting the technical risk management approach, by evaluating technical solution requirements, and applying security policy, standards, threats, and vulnerability information, for the identification of potential risks to the client.
Supporting new online and digital transactional services, ensuring adherence to industry standards, and the identification and assessment of risks and their effective management and mitigation, to ensure the security of information assets and systems, and confidence in service delivery.
Promote the adoption of architectural principles to reduce information risk.
Identify security risks that arise from potential solution architectures, advising and assuring alternate solutions or counter measures to mitigate identified information risks.

Skills:

You're a Security Consultant with experience of providing technical leadership within a software engineering environment.
You've automated testing processes across large and complex environments with demanding functional and non-functional requirements.
You have a broad range of knowledge across web, mobile and cloud security.
You have a good understanding of software testing and the secure software development life cycle and ideally have a background in both software development and penetration testing.
Possess strong hands-on experience in reviewing project delivery plans relating to security systems and testing.
You have practical experience working with NIST, OWASP top 10, Safecode, CIS top 20, NCSC Security policy Standards, ISO/IEC 27001.
You have experience working with Tooling e.g. OWASP ZAPP, SNYK and Fortify.
Possess awareness and understanding of HMG and NCSC Security policies, standards, and guidance.
Desirables:

Have knowledge and awareness of the following:
CISSP
TOGAF
Agile Project Methodology
Awareness of appropriate software development languages e.g. Terraform, Ansible, Python, Java, Node.jsISO 27002/27005
You need to sign in or create an account to save a job.

Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert