Net Talent are partnering with a scaling tech company who are a disrupter in the wealth management industry. They are in search of a DevSecOps engineer who will play a pivotal role in shaping and advancing their cutting-edge platform. As a passionate advocate for security, you will tackle intricate challenges with a pragmatic approach to platform design. Leveraging modern tools, programming languages, and platforms, your mission will be to contribute to the efficient, secure, and scalable delivery of high-performance products.
Your Responsibilities:
- Employ modern tooling to integrate security early in the development process, collaborating closely with development teams.
- Review and implement security best practices, ensuring compliance through effective controls.
- Establish security gates within the CI/CD workflows to ensure secure deployments.
- Craft Infrastructure-as-Code to consistently build secure infrastructure.
- Proactively manage infrastructure and code patching.
- In addition to security, contribute to non-functional aspects of the Platform team, such as enhancing observability, expanding the data infrastructure, and maintaining deployment tooling.
- Engage in discussions about processes and methodologies, actively introducing new ideas and challenging conventional practices. Promote a culture of psychological safety, where sharing opinions confidently contributes to achieving high-quality standards.
- Leverage managed services to enable the team to concentrate on delivering core business value.
Qualifications: To excel in this role, you should possess at least some of the following:
- Experience operating solutions within AWS, utilizing Infrastructure-as-Code.
- Exposure to Audits, Compliance, and Security frameworks (ISO27001, SOC2, OWASP, SAMM, DSOMM).
- Knowledge of embedded security, including IDE plugins, SAST, DAST, and SCA.
- Experience conducting vulnerability scanning and penetration testing.
- Proficiency in threat detection and prevention, including IDS, IPS, SOC, threat list blocking, and WAF/SIEM.
- Familiarity with cloud account management tools such as AWS Control Tower, GuardDuty, Config, Security Hub, and CloudTrail.
- Competence in identity management protocols such as SAML, OAuth, OIDC, and AWS IAM.
- Expertise in secret management tools like AWS Secrets Manager and Parameter Store.
- Skill in patch management, including security updates, AWS SSM, and Dependabot.