Overview
On Site
$$52 / hr
Contract - W2
Contract - 1 day((s))
Skills
DevSecOps Developer
Job Details
Job Description:
Requirement/Must Have:
- Expertise in Python, Bash, Go, Ruby, and JavaScript.
- Proficient with regular expressions for parsing and automation.
- Deep understanding of cryptography (TLS, SSL), authentication/authorization (OAuth2, SAML, JWT), and secure coding (OWASP Top 10).
- Hands-on experience with cloud security tools and practices in AWS, Azure, or Google Cloud Platform.
- Strong knowledge of Docker and Kubernetes security (RBAC, Network Policies, Pod Security).
- Experience with container scanning tools (Anchore, Sysdig).
- Familiarity with SOC 2, PCI-DSS, HIPAA, GDPR, and auditing practices.
Experience:
- Proven experience with SAST (Sonar Qube, Semgrep), DAST (OWASP ZAP, Burp Suite), SCA (Snyk, Mend.io).
- Hands-on experience with CI/CD tools (Jenkins, GitHub Actions, GitLab CI, Circle CI).
- Experience managing cloud platforms (AWS, Azure, Google Cloud Platform).
- Proficient in Infrastructure as Code tools (Terraform, Pulumi).
- Comfortable with monitoring/logging tools (Prometheus, Grafana, ELK, Splunk).
- Experience with secrets management tools (HashiCorp Vault).
- Familiar with vulnerability scanning tools (Qualys, Nessus, OpenVAS).
Responsibilities and Duties:
- Integrate security checks into CI/CD pipelines (SAST, DAST, SCA, secrets scanning).
- Automate vulnerability scanning and remediation across the software supply chain.
- Secure IaC templates and enforce compliance policies.
- Set up SIEM, IDS/IPS tools and respond to incidents.
- Conduct threat modeling and risk assessments during SDLC phases.
- Integrate and manage security tooling (Sonar Qube, Aqua Security, HashiCorp Vault).
- Ensure compliance with security standards (ISO 27001, NIST, GDPR, HIPAA).
- Maintain audit trails and documentation for audits and assessments.
- Collaborate with development and operations teams to embed security best practices.
- Lead security education and awareness initiatives.
Should Have:
- Strong problem-solving and analytical skills.
- Ability to work independently and collaboratively.
- Excellent communication and documentation skills.
- Experience coaching teams in secure development and DevSecOps practices.
Skills:
- Programming: Python, Bash, Go, JavaScript.
- Tools: Jenkins, ArgoCD, Sonar Qube, GitLeaks, Aqua Security, Vault.
- Cloud: AWS, Azure, Google Cloud Platform.
- Security Standards: OWASP, SOC 2, GDPR.
- DevOps: Terraform, Pulumi, Prometheus, Splunk, Grafana.
- IAM: Okta, Auth0, Keycloak.
Qualification and Education:
- Bachelor's degree in Computer Science, Information Security, or related field.
- Relevant certifications (e.g., AWS Security, Google Cloud Platform Security, CISSP, CKS) preferred.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.