We are tech transformation specialists, we are CI&T.
We combine the disruptive power of Artificial Intelligence with human expertise to support large companies in navigating changes in technology and business. With 30 years of experience, 6,000 workers, offices in 10 countries and talents across 5 continents, we operate in the fields of design, strategy, and engineering for global brands, helping clients achieve the full potential of technology as a force for good. Impact is what we deliver.
Mission: As a DevSecOps Architect, your mission is to design and implement secure and efficient CI/CD pipelines that integrate security practices throughout the software development lifecycle. You will collaborate with engineering teams to foster a culture of security and automation, ensuring that development practices align with industry standards and best practices.
Responsibilities: Design and implement secure and efficient CI/CD pipelines that streamline development and deployment processes.Collaborate with development and operations teams to integrate security practices into the CI/CD workflow, ensuring that security is a fundamental aspect of the development lifecycle.Develop and document DevSecOps strategies that promote secure coding, testing, and deployment practices.Identify and address potential security vulnerabilities in the CI/CD processes and recommend appropriate mitigation strategies.Stay updated on industry trends, tools, and methodologies related to DevSecOps and CI/CD to continuously improve practices and solutions.Conduct training and workshops to promote security awareness and best practices among engineering teams.Collaborate with cross-functional teams to ensure successful integration of security tools and processes within existing workflows.Requirements: Proven experience in designing and implementing CI/CD pipelines using tools such as Jenkins, GitLab CI, CircleCI, or similar.Strong understanding of DevSecOps principles and practices, including secure coding and application security.Familiarity with containerization technologies (e.g., Docker, Kubernetes) and cloud platforms (e.g., AWS, Azure, GCP).Knowledge of scripting languages for automation (e.g., Python, Bash).Excellent problem-solving skills and the ability to work collaboratively in a team environment.A proactive and innovative mindset with a passion for continuous improvement in security and development practices.Advanced English level.Nice to Haves: Relevant certifications in DevSecOps, CI/CD, or cloud security (e.g., Certified DevSecOps Professional, AWS Certified DevOps Engineer).Experience with security tools and practices, such as static and dynamic code analysis, vulnerability scanning, and penetration testing.Familiarity with configuration management tools (e.g., Ansible, Terraform) and Infrastructure as Code (IaC) principles.Understanding of compliance frameworks and security standards (e.g., OWASP, NIST).
#J-18808-Ljbffr