DevSecOps Specialist Job Description Template

We are looking for a DevSecOps Specialist who can help us build functional systems to improve the customer experience. This role will be responsible for deploying product updates and identifying production issues. The ideal candidate will have a solid background in application security and working with vulnerability scanning tools, Agile methodologies, and various CI/CD tools. 

Typical Duties and Responsibilities

  • Define and implement the build, deployment, and monitoring standards
  • Deliver end-to-end automation of deployment, monitoring, and infrastructure management in a cloud environment as part of Agile development teams
  • Develop custom scripts to increase system efficiency and lower the human intervention time on tasks
  • Build and configure delivery environments supporting CI/CD tools using Agile delivery methodology
  • Develop, document, and implement CI/CD strategy for management of infrastructure as code baseline
  • Evaluate and analyze threat, vulnerability, impact, and risk of security issues
  • Contribute to the design of information and operational support systems
  • Create scripts and templates to automate infrastructure provisioning and management tasks
  • Design and implement automated security checks and additional security tools within the CI/CD pipeline
  • Install, configure, test, and maintain operating systems, application software, and system management tools
  • Collaborate with our development team to create an automated CI/CD system
  • Develop and design DevSecOps metrics, policies, processes, and procedures
  • Monitor and support all installed systems and infrastructure
  • Oversee the company’s security, backup, and redundancy strategies
  • Identify potential bottlenecks, develop solutions, and implement them with the help of developers
  • Work with vendors and other IT personnel for problem resolution

Education

  • Bachelor’s degree in computer science engineering, or a related field

Required Skills and Experience

  • 5+ years of cybersecurity experience
  • Experience performing secure code reviews and web and mobile application penetration tests
  • Experience deploying and monitoring web applications in AWS
  • Experience with secure development, coding, and engineering practices
  • Experience with infrastructure as code and infrastructure testing strategies
  • Experience with systems reliability, load balancing, monitoring, and logging
  • Experience with end-to-end fully-automated CI/CD pipelines, from code commits to production
  • Experience installing, configuring, and troubleshooting UNIX/Linux based environments
  • Experience administering and performance tuning application stacks, such as Apache, Ruby, JBoss, Tomcat, or NGINX
  • Proficiency in scripting, including shell scripts, Perl, Ruby, Python, Go, Groovy, or Helm
  • Thorough knowledge of networking technologies, OSI network layers, and TCP/IP
  • Knowledge of scripting to support the automation and continuous improvement of processes
  • Knowledge of build/release tools and methodologies in CI/CD pipelines
  • Knowledge of full DevSecOps pipeline, Agile methodology, container security, APIs, and microservices
  • Excellent communication skills

Preferred Qualifications

  • Certification in a cyber security field such as CISSP, GWAPT, or OSCP
Contact us

Recruit with Nexus IT Group