DevSecOps

As a DevSecOps Engineer, your primary challenge will be to manage the security of our global cloud infrastructure, taking the lead on the protection, guidance, designing, automation and support of the cloud security operations.

Responsibilities
● Responsible for the security of the Cloud and Monitoring environments
● Guide and design a secure infrastructure, assisting DevOps, R&D, IT and other tech leaders to ensure security standards are kept
● Identify security tools and lead the implementation of solutions from POC to Production (e.g., CSPM, Runtime Protection, Container Security, Pipeline integrity, API Security, etc.)
● Manage and maintain existing security systems and tools
● Lead NI’s cloud compliance by maintaining proper audit trails and logging of security events.
● Work closely with R&D, Product and DevOps to define security strategy and execute it.
● Be part of architectural design for applications and infrastructure
● Work alongside Architects, Developers, IT, and other tech leads in the company to design and support best of breed integrations with 3rd party partners, vendors and clients
● Ensure the implementation of Security and Privacy by Design concepts is properly executed across all environments
● Lead security audits, network scans and vulnerability assessments on NI’s infrastructure
● Respond to security incidents and investigations, taking part in the handling of service faults


Requirements
● Proven knowledge of core security networking concepts like TLS, SSH, DNS, Firewalls etc.
● Strong familiarity with log shipping, monitoring, and AWS
● Over 1 year in a DevSecOps, DevOps role or similar role, in which you designed and secured cloud environments (AWS), applied best practices and built a resilient architecture.
● Over 1 year experience in coding and scripting (Python/Ruby/Go/Bash) for promoting automations in cloud environments.
● Solid knowledge of information security principles and practices.
● Solid knowledge of web infrastructure
● Over 1 year experience with designing, implementing, supporting and evaluating security-focused tools, vulnerably management tools and services.
● Over 1 year experience with periodic Vulnerability assessment and ensuring prioritization of remediation in a high-scale cloud environment
● Over 1 year experience in infosec incident handling
● Excellent English
● Happy to work independently and as part of a team
● Ability to effectively prioritize and execute tasks

Advantages
● Working experience of CI/CD and development pipeline technologies.
● Cloud Security Certifications like AWS Certified Security Specialty - advantage
● Understanding of regulatory compliance and how it relates to security and privacy - Advantage
● Working experience with containerized environments and microservices, and in particular with container security and secrets management (Docker/Kubernetes).

We can offer you
● An 8-hour working day without a fixed timetable
● Paid vacation (20 working days) and sick leave (2 weeks) +5 days of undocumented sick leave
● English courses
● Medical insurance
● Cozy office in the center of Dnipro/Kyev with friendly staff
● Competitive salary

About Civenty

Civenty is part of the Covent IT Group (2007), founded in 2015, which carries the spirit and atmosphere of a startup and serves to SMEs (small and medium-sized enterprises). We are a high-quality provider of IT business solutions for clients all over the world, bringing together 200+ professionals in three locations in Ukraine, namely Dnipro, Kiev and Vinnytsia. Specialists with profound experience in various domains such as: E-commerce / E-retail, Mobile, FinTech, Information Portals, Server administration, we allow our clients to achieve their goals faster than before.

Company website:
https://civenty.com/

DOU company page:
https://jobs.dou.ua/companies/civenty/