Oferty pracy

SecDevOps analyst-developer

nr ref. 1032

doświadczenie: Od 1 do 2 lat
Kraj: Hiszpania
Miasto:  Madryt - Tres Cantos

Opis

We are looking for a person keen on IT security and development to join a team of SecDevOps specialists. This team is in charge of driving the implementation of a cybersecurity control system in the software lifecycle and subsequent service operation. The main tasks are:

  • Collaborating with the client to define the best way of optimizing their process security during the lifecycle of the developed software.
  • Static Application Security Testing (SAST) and checking for code vulnerabilities with various automatic tools.
  • Dynamic Application Security Testing (DAST) and checking for vulnerabilities with various automatic tools.
  • Process automation.
  • Technical liaison with automation-related organizations, CI/CD and SecDevOps.
  • Providing vulnerability-correction support and consultancy for developer teams.
  • Application security vulnerability management.
  • Creation of automation tools and scripts that allow developers to phase in the security analysis services and integrate them into the agile development methodologies.
  • Automatic deployment of applications and infrastructure using containers.

Wymagania

- Qualification: Electronics, IT engineering or similar
- Level of English: High
- Technical knowledge: 

  • Vulnerability management (OWASP, CWE)
  • Backend development (Python, Java, C++, JS...)
  • SecDevOps methodology
  • CI/CD continuous integration environments
  • Code repositories (Git,SVN…)
  • Orchestration tools (Jenkins, Bamboo)
  • SAST tools (Checkmarx, Kiuwan, Veracode, Fortify)
  • DAST tools (APPScan, APPSpider)
  • Operating systems (Linux, Windows)
  • Use of containers (Docker, Kubernetes)

- Desirable knowledge:

  • Certifications (CEH, CISSP, DSOE, DevOps Foundation)
  • Database management (SQL Server, MySQL)
  • Task management tools (Jira, Redmine, Taiga)