DevSecOps Engineer (offline)

Responsibilities:

- Develop direction, create a roadmap and improve the DevSecOps culture in the company

- Help Devops with secure Istio and ServiceMesh setup, Kubernetes (EKS) security setup

- Interaction with DevOps, transfer of services for their support and training in security principles

- Implementation of OPA and virtualization configuration security analyzers

- Setting up CI/CD security and improving the security of solutions that use DevOps - Terraform, Ansible, etc.

- Implementing Security Scanners in Pipelines

- Automation of security processes

Requirements:

- Knowledge of the basic principles of DevOps approaches (CI /CD)

- Experience with Kubernetes or other orchestration tools

- Experience with Ansible/Terraform/Chef configuration management systems, etc.

- Experience in web server and database administration

- Knowledge of the TCP/IP protocol stack and understanding of the OSI model

- Understanding the principles of microservice application architecture

- Experience with version control systems

- Cloud experience (AWS, GCP) Security

- Experience in infrastructure analysis for information security risks and their elimination / mitigation

- Experience in automating management processes and access control

- Experience in administering SIEM systems (ELK, Splunk)

- Experience in implementing Vault management systems and privileged user control systems

- Experience with Security scanners and implementation of their pipelines

- Understanding SSDLC (OSAMMv2) principles

Will be a plus:

- Knowledge of how secure Service Mesh and ZeroTrust work

- Experience in software development in Go/Python