EU DevSecOps Specialist

SmartRecruiting is looking on behalf of its client, an experienced DevSecOps Specialist.

Location: Prague

Business hours: Usually 09.00-17.00 -Monday to Friday, but we offer flexibility.

Project: the candidate will join an important European project, in which one their will have the opportunity to work with international and highly qualified teams.

The ideal candidate should have:

  • European Nationality, Citizenship or Work Permit for the UE.
  • C1 level of English.

Requirements:

  • Experience working with Developers, DevOps, and Engineering teams in a dynamic environment to promote/implement the DevSecOps program throughout the organization.
  • Experience coordinating and performing vulnerability assessments through the use of automated and manual tools (Clair, Sonarqube, etc.).
  • Ability to review and analyze vulnerability data application’s and determine any reported vulnerabilities that are false positives.
  • Capability to prepare security vulnerability reports for management.
  • Coordination and remediation of vulnerabilities within established timeframes.
  • Knowledge in Python, Bash and/or other programming and scripting languages.
  • Familiarity with Information Security frameworks/standards (i.e. CIS, NIST, RFC2196, etc.).
  • Experience configuring, implementing and leveraging computer security.
  • Ability to work with APIs and Plugins to integrate security tools into established CI/CD pipelines.
  • DevOps Automation: GitHub/Gitlab
  • Knowledge of Kubernetes, Docker, container orchestration platforms (OpenShift, Rancher), container image registers (i.e. docker hub, harbor)
  • Knowledge of Secret Scanning, Secure code analysis, Dynamic Application Security Testing, Static Application Security Testing tools, Container Scanning.

Nice to have:

  • Comprehension in the security areas of Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, Security and Monitoring tools, etc.
  • Knowledge of Windows and Linux patch management and related information security functions (authentication, encryption, iptables, SSL, Ciphers, etc.).
  • DevOps Automation: Azure DevOps, Jenkins (any), Helm charts.
  • Experience with Microsoft Azure.

Enter your keyword