W1siziisimnvbxbpbgvkx3rozw1lx2fzc2v0cy9ob3j0ahn0yxjyl2pwzy9iyw5uzxitzgvmyxvsdc5qcgcixv0

DevSecOps\ AWS Security Engineer. Cambridge

DevSecOps\ AWS Security Engineer. Cambridge

  • Location

    Cambridge, Cambridgeshire

  • Sector:

    Cyber Security & IT Risk

  • Job type:

    Permanent

  • Salary:

    Negotiable

  • Contact:

    Andrew Nitek

  • Contact email:

    andrew.nitek@thenorthstarr.com

  • Job ref:

    AN DEVSECOPS_1565888182

  • Consultant:

    #

Superb opportunity to join a highly successful and growing global organisation based in Cambridge in a greenfield role. This is a superb opportunity to play a key role in the organisation's AWS/ DevSecOps journey from both a hands on technical and strategic viewpoint, in a company where security is a huge ongoing focus.

Key Duties

  • Define and support secure continuous delivery approaches including tools and automated process.
  • Define security requirements within the AWS environment around automation CI/CD, access controls, authorization, authentication, network, automated compliance, alerting and forensics.
  • Assist with application security testing and code reviews?
  • Performing security reviews, identifying gaps in security architecture and design
  • Creating security policies and standards
  • Review and design application security controls
  • Researching information security standards; conducting system security and vulnerability analyses and risk assessments
  • Develop secure coding policies, procedures and standards,
  • Engage with the engineering teams to review and update Software Development Life Cycle (SDLC) to include necessary security checkpoints, code review methodologies, etc.

Essential Requirements

  • Knowledge of Agile methodology?
  • Vulnerability management. Good knowledge on performing vulnerability tests.
  • Solid understanding of AWS
  • Technical knowledge of secure engineering principles
  • Application security assessments (source code and dynamic)
  • Working knowledge of vulnerability/compliance, patch management, anti-malware, APT, identity and access control management toolsets.
  • Understanding of application threat modelling and SDLC security practices.
  • Experience integrating automated security tools into CI/CD pipeline.
  • Proven working experience within software development industry
  • Excellent interpersonal and communication?
  • Proven working experience in conducting DevSecOps in an agile work environment.
  • Proven working experience in at least a programming language (JAVA, Python, Bash,Perl, etc.)
  • Proven working experience with DevOps container/orchestration tools (ie: Docker, Kubernetes, etc.)
  • Knowledge of continuous delivery and Application Lifecycle Management tools (Jenkins, Bamboo, JIRA, SVN, Git, Nexus, etc.)

Please send your CV for immediate review.