Security Engineer - DevSecOps
Ford
The DevSecOps Security engineer will be responsible for enabling security testing services all through the lifecycle of an application with the required processes and technologies. This includes cultivating a mindset of #securebydesign within the developer community, support driving of automation via the application’s CI / CD Pipeline and supporting vulnerability remediation.
Skillset required:
Experience in Security testing activities such as SAST, DAST, Container Image scanning and associated tools. Deep understanding of modern web application architectures including Microservices, SPAs, and APIs Experience with writing automation scripts. Experience with, or knowledge of common DevOps platforms such as Tekton, CloudBuild, Github Actions etc. Experience with, or knowledge of one or more cloud platforms, such as GCP, Azure or AWS. Good knowledge of Agile processes (planning/standups/retros etc.) Knowledge of AI / ML and LLMsQualifications required:
Three+ years of experience in DevSecOps or Application Security Testing MCA or B.E/B.Tech (Computer Science/IT) or MS-IT from an accredited institution DevSecOps or Application Security related certifications are preferred. Knowledge on Information Security Policies / Frameworks Self-Starter who can work in ambiguous situations and drive to a solution Strong interpersonal skills, including ability to educate and influence Good communication and presentation skills Willingness to learn new technologies and concepts Willing to work flexible hours across time zones to support global applications.Position responsibilities include:
Define the policies and processes necessary to support DevSecOps for the Enterprise. Engage early with developers in the software lifecycle development lifecycle and support enablement of security testing all through the lifecycle. Identify and implement opportunities for automating security testing and enabling it via the application’s CI / CD pipeline. Facilitate the seamless onboarding of applications into security tools and provide necessary guidance to developers around performing scans. Support application teams with the remediation of vulnerabilities and weaknesses identified as part of security testing. Spread awareness about application security and DevSecOps to the development community. Working closely with security tool vendors on bug fixes and feature requests. Produce and report necessary operational and vulnerability metrics to cyber and operations Leadership.
Por favor confirme su dirección de correo electrónico: Send Email