6 Months Contract
AppSec/DevOpSec Security Engineer
We are seeking a highly skilled and motivated Appsec/DevSecOps Engineer to join our cybersecurity architecture and engineering team.
This role is crucial for integrating security into our DevOps processes, ensuring the safety and compliance of our software development and deployment in the life sciences and pharmaceutical sectors.
Responsibilities:
Must-Have:
Secure cloud environments (AWS, Azure, GCP) using tools like AWS Security Hub, Azure Security Center, and other cloud-based tools.
Strong knowledge of IaC tools to manage multi-cloud configurations (AWS, Azure) like Terraform, Ansible and CloudFormation.
Deep knowledge of application security by adhering to OWASP top 10 and secure coding practices.
Identify and mitigate vulnerabilities using tools like OWASP ZAP, Burp Suite, and Nessus
Highly experienced in Automate security tasks and incident response using scripting languages (Bash, Python, PowerShell).
Strong understanding or experience in API security and attack vectors.
Strong in Secure CI/CD pipelines using Jenkins, GitLab CI/CD, and AWS CodePipeline.
Deep knowledge of container security: Ensure the security of containerized applications using Docker and Kubernetes.
Deep understanding of Serverless Workloads and Orchestration tools (AWS Lambda, Azure Functions, Kubernetes, HELM)
Experience in monitoring tools like Prometheus, Grafana, and ELK Stack to detect and respond to security incidents.
Experience in Secure CI/CD pipelines and implement SAST and DAST.
Manage multiple security projects simultaneously.
Effectively communicate with stakeholders and internal customers.
High english level
Nice to Have
Knowledgeable of security frameworks (NIST, ISO 27001, PCI DSS, HIPAA, GDPR).
Knowledge of preferred experience with FDA GxP regulations.
Knowledgeable in Conduct gap assessments and develop remediation plans.
Qualifications
CDP, CDE, CSSLP (Certified Secure Software Lifecycle Professional) or equivalent
Strong knowledge of cloud platforms (AWS, Azure).
AWS/Azure Certified Security Specialist preferred.
Strong understanding of networking, cryptography, and security protocols.
Exceptional analytical skills, problem-solving abilities, and attention to detail.