Superb opportunity to join a highly successful and growing global organisation based in Cambridge in a greenfield role. This is a superb opportunity to play a key role in the organisation's AWS/ DevSecOps journey from both a hands on technical and strategic viewpoint, in a company where security is a huge ongoing focus.
- Define and support secure continuous delivery approaches including tools and automated process.
- Define security requirements within the AWS environment around automation CI/CD, access controls, authorization, authentication, network, automated compliance, alerting and forensics.
- Assist with application security testing and code reviews?
- Performing security reviews, identifying gaps in security architecture and design
- Creating security policies and standards
- Review and design application security controls
- Researching information security standards; conducting system security and vulnerability analyses and risk assessments
- Develop secure coding policies, procedures and standards,
- Engage with the engineering teams to review and update Software Development Life Cycle (SDLC) to include necessary security checkpoints, code review methodologies, etc.
- Knowledge of Agile methodology?
- Vulnerability management. Good knowledge on performing vulnerability tests.
- Solid understanding of AWS
- Technical knowledge of secure engineering principles
- Application security assessments (source code and dynamic)
- Working knowledge of vulnerability/compliance, patch management, anti-malware, APT, identity and access control management toolsets.
- Understanding of application threat modelling and SDLC security practices.
- Experience integrating automated security tools into CI/CD pipeline.
- Proven working experience within software development industry
- Excellent interpersonal and communication?
- Proven working experience in conducting DevSecOps in an agile work environment.
- Proven working experience in at least a programming language (JAVA, Python, Bash,Perl, etc.)
- Proven working experience with DevOps container/orchestration tools (ie: Docker, Kubernetes, etc.)
- Knowledge of continuous delivery and Application Lifecycle Management tools (Jenkins, Bamboo, JIRA, SVN, Git, Nexus, etc.)
Please send your CV for immediate review.