AddressKey Responsibilities:
- Integrate security tools, processes, and analysis into CI/CD pipelines.
- Collaborate with development and operations teams to identify and mitigate security vulnerabilities in the software development lifecycle.
- Automate security testing, compliance checks, and monitoring throughout the build and deployment processes.
- Implement and maintain security controls, policies, and procedures.
- Conduct regular security assessments and vulnerability scans, and manage remediation efforts.
- Stay up-to-date with the latest security trends, vulnerabilities, and technologies to proactively address potential threats.
- Develop and maintain documentation related to security configurations, processes, and procedures.
- NV1 Secuyrity Clearance
- Bachelor's degree in Computer Science, Information Security, or related field, or equivalent experience.
- Proven experience as a DevSecOps Engineer or similar role in a fast-paced, agile environment.
- Strong understanding of DevOps principles and practices, including CI/CD pipelines and infrastructure as code (IaC).
- Proficiency in scripting languages such as Python, Bash, or PowerShell.
- Experience with security tools such as static code analysis, dynamic application security testing (DAST), and software composition analysis (SCA).
- Familiarity with cloud platforms (AWS, Azure, GCP) and containerization technologies (Docker, Kubernetes).
- In-depth knowledge of security best practices, frameworks (e.g., OWASP, NIST), and compliance standards (e.g., GDPR, HIPAA).
- Excellent problem-solving skills and the ability to work independently and as part of a team.
- Strong communication and collaboration skills.
