As a Software House with experience in cybersecurity, we specialize in creating mobile and web applications as well as delivering IoT solutions, working mainly with the industrial sector, IT companies, and e-commerce.
We are looking for DevSecOps aka SecDevOps Engineer to join our DevSecOps and SRE team to drive DevSecOps practices and coach development teams to adopt the practices to ensure that security is embedded in the software development lifecycle (SDLC).
- 3+ years of commercial experience in a similar role.
- 1+ year of experience in Application Security Testing.
- Strong understanding of DevOps principles and practices, including continuous integration, continuous deployment, and infrastructure as code.
- Expertise in security practices and principles, including secure coding practices, vulnerability management, threat modeling, and risk assessment.
- Proficiency in scripting languages such as Python, Bash, or PowerShell.
- Experience with cloud platforms such as AWS, Azure, or Google Cloud, and understanding of their security features and services.
- Knowledge of containerization technologies such as Docker and container orchestration tools like Kubernetes.
- Familiarity with security tools and technologies such as vulnerability scanners, intrusion detection systems, and security information and event management (SIEM) systems.
- Strong problem-solving and troubleshooting skills, with the ability to quickly identify and resolve security issues.
- Excellent communication skills and the ability to collaborate effectively with cross-functional teams, including developers, operations, and security professionals.
- Attention to detail and a proactive mindset towards security, with the ability to anticipate and mitigate potential risks.
- Relevant certifications such as Certified DevOps Engineer, Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH), CompTIA Security+, DevSecOps Professional (CDP).
- Experience in implementing security controls and best practices in cloud environments.
- SAST / DAST / IAST / SCA / RASP tools related to education and certificates are beneficial.
- Familiarity with DevOps tools and technologies such as Jenkins, Git, Ansible, or Terraform.
- Understanding of secure software development lifecycle (S-SDLC) methodologies and practices like OWASP SAMM / DSOMM / ASVS or NIST 800-218 are beneficial.
- Experience with secure configuration management and auditing of infrastructure and applications.
- Understanding of network security principles and protocols.
Why it’s worth joining us?
Individual training budget
Fully remote work
Flexible working hours
Unique working atmosphere
Knowledge sharing with developers with extensive experience
In-house training programs (Angular, IOS, Android, CyberSecurity Leadership)
After we receive your CV you will have a short conversation with HC, during which we will initially tell you about 4code, the project and the role that interests you, and we will gladly hear about your expectations.
We invite you to a 1-hour meeting with HC and a technical person, during which we will get to know each other better, talk about your experience and the possibilities we have for you.
MEETING WITH THE CUSTOMER
The client is also very happy to meet you. There will be one or two interviews with him, if necessary.
We will get back to You with the results of the recruitment regardless of the outcome. Hopefully it will always be good news.