DevOps InfoSec Engineer
Role summary
The DevOps InfoSec Engineer will be responsible for enhancing the security posture of the organization's infrastructure and applications. This role requires a strong understanding of cloud-native technologies, CI/CD pipelines, and scripting. Key responsibilities include managing vulnerability assessment programs, ensuring compliance with security standards, and troubleshooting network and security issues. The ideal candidate will have experience with Kubernetes, Unix Shell scripting, and a solid grasp of security concepts like PKI, TLS, and encryption.
Qualifications
· Bachelor’s degree in computer science, systems analysis or a related study, or equivalent experience
· 8 years of experience spanning at least two IT disciplines, including technical architecture, network management, application development, middleware, database management or operations.
· Experience with Kubernetes is a must - with broad experience in prominent cloud native technologies.
· Experience in building and maintaining CI & CD for frontend, backend and mobile platforms.
· Proficiency in Unix Shell scripting, and some proficiency in Python preferred
· Strong understanding of
network architecture and application development
methodologies.
· An understanding of common traps and pitfalls that can occur in a globally distributed infrastructure.
· Experience working with Compliance programs like PCI-DSS or SOC2 is a plus.
·
Experience in managing vulnerability assessment programs across various infrastructure tiers, including penetration testing, vulnerability scanning and remediation activities.
·
Familiarity with CVE databases, vulnerability scoring systems (e.g., CVSS), and security industry standards such as ISO 27001 and NIST.
· Strong understanding of
security concepts around PKI, TLS and encryption
.
· Experience using
network and security troubleshooting tools – both at host and at network tier.