DevSecOps Engineer
at CapitalCom
Warszawa, mazowieckie, Poland -
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 20 Nov, 2024 | Not Specified | 22 Aug, 2024 | N/A | Configuration Management,Testing Tools,Bash,Scripting,Docker,Sonarqube,Nessus,Security,Vulnerability,Devops,Languages,Automation,Python | No | No |
Required Visa Status:
Citizen | GC |
US Citizen | Student Visa |
H1B | CPT |
OPT | H4 Spouse of H1B |
GC Green Card |
Employment Type:
Full Time | Part Time |
Permanent | Independent - 1099 |
Contract – W2 | C2H Independent |
C2H W2 | Contract – Corp 2 Corp |
Contract to Hire – Corp 2 Corp |
Description:
We are a leading trading platform that is ambitiously expanding to the four corners of the globe. Our top-rated products have won prestigious industry awards for their cutting-edge technology and seamless client experience. We deliver only the best, so we are always in search of the best people to join our ever-growing talent team.
REQUIREMENTS:
- Proven experience in DevOps, software engineering, or related roles, with a focus on security
- Hands-on experience with cloud platforms (AWS, Azure, GCP), containerisation technologies (Docker, Kubernetes), configuration management (Ansible)
- Proficiency in scripting and automation using languages such as Python or Bash
- Strong understanding of security principles, protocols, and standards (e.g., OWASP Top 10, NIST Cybersecurity Framework, CIS Benchmarks)
- Experience with security testing tools (e.g., Tryvi, Prowler, ScoutSuite, SonarQube, OWASP ZAP, Nessus) and vulnerability management processes
- Excellent communication and collaboration skills, with the ability to work effectively in a cross-functional team environment
- Knowledge of financial industry regulations and compliance requirements is a plus
- Demonstrated ability to adapt to a fast-paced, dynamic environment and drive initiatives independently
Responsibilities:
- Designing Secure CI/CD Pipelines: Develop and maintain automated CI/CD pipelines (preferable Gitlab) with a focus on security best practices, including SAST/DAST/SCA, vulnerability assessment
- Infrastructure Security: Implement and maintain infrastructure as code using Terraform / CloudFormation / Ansible, ensuring secure configuration and compliance with industry standards and regulatory requirements
- Security Monitoring and Incident Response: Set up and manage security monitoring tools to detect and respond to security incidents promptly. Develop incident response playbooks and collaborate with relevant teams to address security incidents effectively
- Security Compliance: Ensure compliance with industry regulations (PCI DSS, GDPR, local financial regulation) and internal security policies. Conduct regular security assessments and audits to identify and address compliance gaps
- Security Tooling and Automation: Evaluate, deploy, and manage security tools and technologies to automate security processes and enhance overall security posture. Continuously research and stay updated on emerging threats and security trends.
- Secrets Management: Design, implement, and maintain robust secrets management solutions and processes using Hashicorp Vault and AWS SM / KMS
- Collaboration and Knowledge Sharing: Work closely with development, operations, and product teams to embed security into the software development lifecycle. Provide security training and guidance to team members to increase awareness and promote a security-first culture. Maintain comprehensive documentation and playbooks for configuring, operating, and troubleshooting security solutions
- Risk Management: Participate in risk assessments and threat modelling exercises to identify potential security risks and vulnerabilities. Develop and implement risk mitigation strategies to minimise exposure to security threats.
REQUIREMENT SUMMARY
Min:N/AMax:5.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Software Engineering
Graduate
Proficient
1
Warszawa, mazowieckie, Poland