Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the jetpack domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/wathefty/public_html/jobs/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the advanced-ads domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/wathefty/public_html/jobs/wp-includes/functions.php on line 6114
DevSecOps Security lead/Engineer - وظيفتي
وظائف السعوديةوظائف بيت السعودية

DevSecOps Security lead/Engineer

DevSecOps Security lead/Engineer

الوصف الوظيفي

Role Overview

DevSecOps Security lead/Engineer role will have a major role to help implementing shift left security in DevSecOps program and define the required security guardrails, In addition the role will cover leading a team of DevSecOps Security members (Security Testers and Risk Assessors ) as those members will be working with dedicated teams of developers to perform many activities such as security scanning, penetration testing and risk assessment (threat modeling), Also establishing security champion program with secure code warrior

Key Responsibilities

Develop and update internal cyber security function processes for DevSecOps program

Craft cyber security function requirements on the DevSecOps program:

  • Cybersecurity tools requirements and the integration to CI/CD pipelines to improve developer productivity, agility and code quality
  • Prepare and present design and implementation documentation to multiple stakeholders.
  • Requirements for Application Security Orchestration & Correlation (ASOC)
  • Requirements for integrating all Application security tools (DAST, SAST, SCA, IAST, MAST and Threat Modeling) and vulnerability scanning tools ( Nexpose, Qualys, Nessus) with CI/CD tools
  • Requirements for integrating ASOC solution with Issue Tracker
  • Requirements for Integrating ASOC solution with CyberFlows
  • Requirments for Integrating CyberFlows with all Application security tools (DAST, SAST, SCA, IAST, MAST and Threat Modeling) and vulnerability scanning tools ( Nexpose, Qualys, Nessus)

Implementing Security Guardrails

Mentor and coach junior-level DevSecOps security team member

Work closely with cross-functional stakeholders to analyze and troubleshoot complex production issues.

Collaborate closely with development teams to understand their current build and release processes and make recommendations for improvement.

Partner with cross-functional stakeholders, including development, operations, quality assurance and security, to streamline processes.

Provide guidance to development teams to improve the performance and operability of the solutions they develop.

Continuously improve automation idea to enable teams to secure code efficiently and consistently.

Highlight automated testing requirements to reduce manual effort and improve product quality.

المهارات

Experience :

We are looking to hire DevSecOps team leader who is capable to lead a team of penetration testers and threat modelers with following experience and skills:

• Experience with agile development and strong understanding of DevOps principles.

• Has extensive experience in penetration testing and threat modeling

• Has extensive knowledge about IT change management and DevSecOps methodology

• Has experience in establishing effective DevSecOps Security team

• Has experience in establishing security champion program or secure code warrior

• Has experience in establishing and configuring Application Security Orchestration & Correlation (ASOC)

• Has experience in (DAST , SAST, SCA, IAST, MAST and Threat Modeling ) Solutions

• Has experience in CI/CD pipeline

• Strong collaboration skills, with a demonstrated ability to work well as part of a team.

• Strong analytical and troubleshooting skills.

• Strong verbal and written communication skills.

• Has experience in securing docker and Kubernetes

Qualifications:

Preferred Bachelor’s degree or equivalent applied experience

Preferred [8+] years of relevant DevSecOps experience

Preferred [5+] years of relevant penetration testing, threat modeling and security scanning tools

Preferred EXIN DevSecOps Manager certificate

Preferred Global Skill Development Council's (GSDC) Certified DevSecOps Engineer certificate

Preferred GIAC Cloud Security Automation (GCSA) certificate

Preferred Certified DevSecOps Professional CDP certificate

Please respond A.S.A.P with an updated word format profile update your CV according to the job description and also give the answers to the below-mentioned questions.

Email: Fizza@JobsWebPortal.com

1. Position Applied For:

2. Relevant Experience in years?

3. Rate yourself according to Job Description (1 to 10) 10 is the highest)?

4. Current OR Last Net Monthly Salary in SAR?

5. Acceptable Net Monthly Salary in SAR?

6. Earliest Availability to join (DAYS)?

7. Saudi National OR Iqama Status (Transferable OR Visa Required)?

8. Current Location?

تفاصيل الوظيفة

منطقة الوظيفة
الرياض, المملكة العربية السعودية
قطاع الشركة
التعليم العالي
طبيعة عمل الشركة
شركة توظيف
الدور الوظيفي
الهندسة
نوع التوظيف
عقود
الراتب الشهري
$15,000 – $30,000
عدد الوظائف الشاغرة
1

للتقدم على الوظيفة

مقالات ذات صلة

اترك تعليقاً

لن يتم نشر عنوان بريدك الإلكتروني. الحقول الإلزامية مشار إليها بـ *

شاهد أيضاً
إغلاق
زر الذهاب إلى الأعلى