Devsecops Engineer

Detalhes da Vaga

Job Overview Weare seeking an experienced DevSecOps Engineer to integrate security practices into our software development lifecycle (SDLC) and infrastructure management processes.
This role will focus on implementing secure coding practices, automating security processes, and enhancing our overall application and infrastructure security posture.
Key Responsibilities Develop and implement secure coding practices and guidelines for development teams; Create and maintain infrastructure as code (IaC) using tools like Terraform, with a focus on security best practices; Implement and manage service account rotation practices across our cloud environments; Develop automation scripts and tools in Go to enhance security processes; Conduct code reviews with a security focus, particularly for Go-based projects Design and implement a centralised secrets management solution; Enhance and secure CI/CD pipelines, integrating security checks and tests; Implement and manage container security practices; Collaborate with development, operations, and security teams to integrate security throughout the SDLC; Develop and maintain security documentation for development and operations processes; Assist in security incident response related to application and infrastructure issues Implement and manage security monitoring and logging solutions for applications and infrastructure; Automate security testing and integrate it into the development process.
Required Skills and Experience 5+ years of experience in DevOps or software development roles, with a strong focus on security; Experience with the Go programming language; Strong understanding of secure coding practices and common vulnerabilities (e.g., OWASPTop10); Experience with infrastructure as code tools, particularly Terraform; Hands-on experience with CI/CD tools (e.g., Jenkins, GitHub, BitBucket); Knowledge of container technologies (Docker, Kubernetes) and associated security practices; Experience with cloud platforms, particularly GCP and AWS; Experience with secrets management tools (e.g., HashiCorp Vault, AWS; Secrets Manager, GCP Secret Manager); Understanding of identity and access management (IAM) concepts and service account management; Experience with security testing tools and practices (SAST, DAST, SCA).
Preferred Qualifications Relevant certifications (e.g., CSSLP, AWS Certified DevOps Engineer, Google Cloud Professional DevOps Engineer); Experience with other programming languages (e.g., Python, Java, JavaScript); Knowledge of compliance requirements related to application security (e.g., PCI DSS, ISO27001) CONTRATAÇÃO PJ E HÍBRIDA


Salário Nominal: A acordar

Fonte: Talent_Dynamic-Ppc

Função de trabalho:

Requisitos

Analista De Infraestrutura De Ti Senior

Ensino superior ou tecnico em redes sistema da informacao ciencia da computacao ou cursos relacionados na area de tecnologia


Netvagas (6508571019) - São Paulo

Publicado 7 days ago

Analista De Infraestrutura Sr Devops

Descricao gestao de containers docker kubernetes e rancher servicos aws redis sqs lambda eks cloudfront route53 e networking conhecimento em


Netvagas (5678461019) - São Paulo

Publicado 7 days ago

Pessoa Desenvolvedora Java Sr 7

Descricao o que esperamos de voce experiencia em desenvolvimento java web e cloud para sistemas com alto volume transacional conhecimento no


Netvagas (4282301019) - São Paulo

Publicado 7 days ago

Engenheiroa De Dados Senior 29681

Descricao atuacao remota periodo de 4 meses iniciais com grandes chances de prorrogacao modelo de contratacao pj ou cooperado experiencia com azure cloud


Netvagas (6262451019) - São Paulo

Publicado 7 days ago

Built at: 2024-11-27T11:59:57.981Z