Key Responsibilities:
- Implement automated security control enforcement and assessments to support DevSecOps initiatives.
- Lead the integration of security checks within CI/CD pipelines, ensuring secure delivery processes.
- Perform threat modeling against complex systems to identify potential risks and recommend appropriate controls.
- Direct the adoption of secure cloud computing practices across Azure, AWS, and GCP platforms.
- Enhance secure software development lifecycle (SDLC) processes to reduce security defects in production environments.
- Conduct security assessments for web, mobile, and cloud-based applications.
- Collaborate with development teams to review system architecture, design, and code for vulnerabilities and security flaws.
- Perform detailed threat modeling and risk assessments for applications, providing comprehensive security analysis.
- Lead and conduct security acceptance testing, including penetration testing of applications, APIs, and infrastructure.
- Implement and maintain security toolsets such as Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST).
- Work closely with teams to develop and implement mitigations for identified security risks and vulnerabilities.
- Own, manage, and update security standards, specifications, and architectures.
- Lead the evaluation, selection, and implementation of security tools and technologies as part of the security strategy and roadmap.
- Serve as a subject matter expert in security products, infrastructure, and best practices.
- Execute penetration tests and red team exercises in cloud environments to identify potential threats.
- Provide mentorship and guidance to junior team members, fostering a culture of security awareness.
Qualifications & Experience:
- Bachelor's degree (required).
- Relevant certifications in Information Security preferred (e.g., OSCP, CISSP, AWS Solutions Architect, Azure Security Engineer, SANS).
- Technical certifications in platforms and tools (e.g., Azure, AWS, Cisco, Palo Alto, Sentinel, Tenable) preferred.
- 5-8 years of relevant experience in a security organization, preferably within a financial institution or highly regulated environment.
- Extensive experience with a wide range of security technologies and cloud platforms.
- Proven expertise in performing penetration testing, red team assessments, and application security testing.
- Strong understanding of threat modeling, risk assessment, and secure SDLC practices.
Remote Work:
No