DevSecOps

Sensiple Inc., service offerings include contingent Staff Augmentation of IT professionals, Permanent Recruiting and Temp-to-Hire. In addition, our industry expertise and knowledge within financial services, Insurance, Telecom, Manufacturing, Technology, Media and Entertainment, Pharmaceutical, Health Care and service industries ensures our services are customized to meet specific needs. For more details please visit our website: www.sensiple.comWe have been retained for providing recruiting assistance, for direct hires, by one of the world-leading information technology consulting, services, and business process outsourcing organization that envisioned and pioneered the adoption of the flexible global business practices that today enable companies to operate more efficiently and produce more value.Sensiple, Inc. is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to gender, race, color, religion, sex, national origin, veteran or disability statusOur client is looking for a

• Design, integrate, and maintain DevSecOps continuous test/integration/deployment and operational platforms.
• Develop capabilities used to deploy large-scale cyber countermeasure capabilities to detect and prevent sophisticated threats and vulnerabilities on enterprise networks.
• Develop and enforce security standard methodologies, processes and tools
• Ensure compliance to enterprise architecture, security policies, and operational procedure.
• Perform threat and security design reviews.
• Implement automated process, and automation tools.
• Develop and support development of security testing and validation tooling.
• Resolve and review resolution of security vulnerabilities as needed.
• Improve secure coding practices, application security requirements, automation, training, and metrics.
• Maintain an active understanding of industry practices for secure software development.
• Works with application development teams to refactor or create security solutions, using DevSecOps CI/CD pipeline and tools.

• 3+ years of experience with executing Web application, network, and system penetration tests for clients
• Experience with DevSecOps automation tools such as Terraform
• Experience with container and container management technologies like Docker, Kubernetes etc.
• Extensive experience of AWS cloud services.
• Experience with installing, configuring, integrating and maintaining tools and technologies like Jenkins, JIRA, SonarQube, Fortify, Git.
• Experience with programming using one or more of the following: Perl, Python, ruby, bash, C or C, C#, or Java, including scripting and editing existing code.
• Strong ability to understand OOP concepts and process.
• Possession of excellent oral and written communication skills to communicate effectively and professionally with clients, teammates, and senior leadership
• Ability to clearly convey results in formal technical reports and deliver briefings to various stakeholders.

• BA or BS degree
• Experience in Cybersecurity. (e.g. secure coding practice, application security requirements.)
• Knowledge of open security testing standards and projects, including OWASP
• Ability to assist remediation efforts for discovered vulnerabilities
• Experience with Web application development, system administration, and the software and system development life cycle
• Experience with red-teaming and covert computer network exploitation
• Experience with programming
• Knowledge of secure coding best practices
• Ability to craft custom exploits for proof-of-concept code
• Agile certifications such as Certified Scrum Master, Certified Scrum Professional.