Talent.com
DevSecOps Application Security Engineer

DevSecOps Application Security Engineer

Alltech Consulting ServicesHartford
job_description.job_card.30_days_ago
serp_jobs.job_preview.job_type
  • serp_jobs.job_card.full_time
job_description.job_card.job_description

Job Description

Responsibilities

  • Design, implement, and manage security tools and practices within CI / CD pipelines, focusing on reuse, scalability, performance, availability, and security.
  • Lead the implementation of cloud based architectures, networking, and containerization using Infrastructure as Code.
  • Collaborate with teams to ensure secure software development practices in CI / CD pipelines.
  • Create and improve process flows, documentation, and mockups to convey technical details.
  • Integrate security testing tools (e.g., SAST, DAST, SCA, pen testing) into CI / CD workflows.
  • Monitor and respond to security incidents and vulnerabilities promptly.
  • Develop and maintain security policies, procedures, and documentation.
  • Automate security processes to improve efficiency and reduce manual intervention.
  • Partner with AppSec Expert to conduct and automate regular security assessments and audits, ensuring compliance with industry standards.
  • Provide training and support on DevSecOps practices, enabling development teams to adopt and implement them.
  • Utilize Azure DevOps for CI / CD pipeline management and automation.
  • Develop self service capabilities to enhance team productivity and autonomy.
  • Identify and measure the benefits and business value of DevSecOps improvements.
  • Present innovative solutions and ideas across all levels, working as both a leader and contributor.
  • Identify gaps and propose modernization opportunities in the SDLC.
  • Debug and troubleshoot issues with CI / CD pipelines.
  • Create and maintain dashboards and reports to monitor security metrics and CI / CD performance. Requirements :
  • Proven experience as a DevSecOps Engineer or in a similar role.
  • Strong knowledge of security tools (Jfrog xray, Github advanced security) and practices (e.g., OWASP, NIST).
  • Experience with CI / CD tools (e.g., Jenkins, GitLab CI, Azure DevOps).
  • Proficiency in Azure cloud services and infrastructure.
  • Familiarity with containerization and orchestration tools (e.g., Docker, Kubernetes).
  • Strong scripting skills (e.g., Powershell, Bash, BICEPS, ARM, YAML).
  • Excellent problem solving and analytical skills.
  • Strong communication and collaboration skills.
serp_jobs.job_alerts.create_a_job

Application Security Engineer • Hartford