Job Description

Senior DevSecOps Engineer, DevOps Consultant wanting to break into DevSecOps, Security Engineering with Coding experience, Mainly Remote Senior Software Security Engineer / Senior DevSecOps Engineer required to work for a fast growing / forward thinking Professional Services business based in Central London. However, this will mainly be remote and you would only be expected to be in the office every now and again. This is an opportunity for a DevOps Consultant / Engineer (with Microsoft Stack Experience Azure Cloud etc) who wants to break into the DevSecOps space and has a genuine interest in breaking into the world of Software Security Engineering. OR we could consider someone already working in the technology security space who has experience with security engineering but using code. Also, anyone that has a technical infrastructure background with IaaS and has experience with code deployment. Ultimately, there has to be a link between what you are doing now and what this role entails. DevSecOps people are in HIGH-DEMAND right now and this could be a huge springboard for someone to make a huge success of their technology career. This is a VERY hands on role and we need this person to look at the product range for this business, analyse from a Software Security perspective and apply the correct solutions as and where required. You MUST understand code and you will ideally come from a development background where you have blossomed into software security. Any knowledge or exposure to the Software Supply Chain would be hugely beneficial here too. The go-to tool they use is Sonar Cloud but any awareness of the likes of CheckMarx or Codacy would also be welcomed. Read on for more details Ideal Experience Required (not all, and in no particular order!) DevOps background wanting to break into DevSecOps IaaS experience with coding IT Security experience but with a coding background Experience in software development and security Exposure to scripting languages such as Python or Ruby, HTML or and/or CSS Experience designing, implementing, and running security tools such as intrusion detection/prevention systems, Web Application Firewalls, IAC and DAST/SAST Knowledge of security standards and compliance regulations such as SOC 2, PCI DSS, and ISO 27001 Experience with cloud infrastructure, particularly Azure DevOps Strong analytical and problem-solving skills Excellent communication and interpersonal skills Experience in software supply chain Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field (preferable) This is a great opportunity and salary is dependent upon experience.
Apply now for more details.

Quick response

Required Knowledge

• K0039   Knowledge of cybersecurity and privacy principles and methods that apply to software development.
• K0079   Knowledge of software debugging principles.
• K0080   Knowledge of software design tools, methods, and techniques.
• K0081   Knowledge of software development models (e.g., Waterfall Model, Spiral Model).
• K0082   Knowledge of software engineering.
• K0152   Knowledge of software related information technology (IT) security principles and methods (e.g., modularization, layering, abstraction, data hiding, simplicity/minimization).
• K0153   Knowledge of software quality assurance process.
• K0178   Knowledge of secure software deployment methodologies, tools, and practices.
• K0212   Knowledge of cybersecurity-enabled software products.
• K0321   Knowledge of engineering concepts as applied to computer architecture and associated computer hardware/software.
• K0045   Knowledge of information security systems engineering principles (NIST SP 800-160).
• K0067   Knowledge of process engineering concepts.
• K0087   Knowledge of system software and organizational design standards, policies, and authorized approaches (e.g., International Organization for Standardization [ISO] guidelines) relating to system design.

Required Skills

• S0367   Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• S0014   Skill in conducting software debugging.
• S0083   Skill in integrating black box security testing tools into quality assurance process of software releases.
• S0024   Skill in designing the integration of hardware and software solutions.
• S0076   Skill in configuring and utilizing software-based computer protection tools (e.g., software firewalls, antivirus software, anti-spyware).
• S0140   Skill in applying the systems engineering process.

Required Abilities

• A0047  Ability to develop secure software according to secure software deployment methodologies, tools, and practices.
• A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).