nr ref. 1032
doświadczenie: Od 1 do 2 lat
Miasto: Madryt - Tres Cantos
We are looking for a person keen on IT security and development to join a team of SecDevOps specialists. This team is in charge of driving the implementation of a cybersecurity control system in the software lifecycle and subsequent service operation. The main tasks are:
- Collaborating with the client to define the best way of optimizing their process security during the lifecycle of the developed software.
- Static Application Security Testing (SAST) and checking for code vulnerabilities with various automatic tools.
- Dynamic Application Security Testing (DAST) and checking for vulnerabilities with various automatic tools.
- Process automation.
- Technical liaison with automation-related organizations, CI/CD and SecDevOps.
- Providing vulnerability-correction support and consultancy for developer teams.
- Application security vulnerability management.
- Creation of automation tools and scripts that allow developers to phase in the security analysis services and integrate them into the agile development methodologies.
- Automatic deployment of applications and infrastructure using containers.
- Qualification: Electronics, IT engineering or similar
- Level of English: High
- Technical knowledge:
- Vulnerability management (OWASP, CWE)
- Backend development (Python, Java, C++, JS...)
- SecDevOps methodology
- CI/CD continuous integration environments
- Code repositories (Git,SVN…)
- Orchestration tools (Jenkins, Bamboo)
- SAST tools (Checkmarx, Kiuwan, Veracode, Fortify)
- DAST tools (APPScan, APPSpider)
- Operating systems (Linux, Windows)
- Use of containers (Docker, Kubernetes)
- Desirable knowledge:
- Certifications (CEH, CISSP, DSOE, DevOps Foundation)
- Database management (SQL Server, MySQL)
- Task management tools (Jira, Redmine, Taiga)