Security Specialist – DevSecOps (Permanent/Contractor, On-Site, Czech Republic)
SUMMARY
Our client is looking for a new colleague to join their security team and work on DevSecOps. This position is fully allocated to the EUSPA - European space programs, and you can be part of it!
REQUIREMENTS
Your new role:
Safeguarding the security of EUSPA's DevOps environments and CI/CD pipelines.
Taking the lead in the DevSecOps domain, encompassing Container Security, Cloud Security, API Security, Vulnerability Scanning, Certificate Management, Secrets Management, Security monitoring data analysis, coordinating Patch Remediation, and daily Security and Compliance activities.
Collaborating on the integration of software development projects into the EUSPA infrastructure.
Establishing compliance requirements in accordance with Policies and Standards.
Supporting Security Automation and infrastructure through code.
Creating an automated security framework to fortify deployment tools and procedures, utilizing a range of scripting languages and both open-source and proprietary solutions.
Ensuring comprehensive documentation of processes and systems.
What you will need:
Proficiency in DevSecOps, including the capability to implement security features and Group Policy Objects (GPOs).
Familiarity with security best practices, standards, and principles, including Information Security frameworks and standards such as CIS, NIST, and RFC 2196, among others.
Strong knowledge of networking, encompassing a broad understanding of network protocols and services such as FTP, HTTP, SSH, SMB, LDAP.
Experience in coordinating and conducting vulnerability assessments using automated and manual tools like Tenable, Clair, SonarQube, and Nmap, and the ability to review and analyze vulnerability data to identify security risks, including distinguishing false positives.
Coordinating and addressing vulnerabilities within established timeframes.
Proficiency in programming and scripting languages such as Python, Bash, and others.
Understanding of security domains like Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, Security Monitoring tools, and more.
Knowledge of Windows and Linux patch management and related information security functions, including authentication, encryption, iptables, SSL, and Ciphers.
Ability to work with APIs and Plugins to integrate security tools into existing CI/CD pipelines.
Expertise in DevOps Automation tools like GitHub, GitLab, Azure DevOps, Jenkins, and Helm charts.
Familiarity with Kubernetes, Docker, container orchestration platforms like OpenShift and Rancher, as well as container image registries like Docker Hub and Harbor.
Understanding of security tools such as Secret Scanning, Secure code analysis, Dynamic Application Security Testing, Static Application Security Testing, Container Scanning, and Infrastructure as Code Scanning.
NICE TO HAVE:
Experience with network communication analysis tools (e.g. tcpdump, Wireshark)
Experience configuring, implementing and leveraging computer security and networking diagnostic/monitoring tools
Experience with PKI management
Possession of any of the following certifications: MCSE, MCSA, CISSP, CEH, GCIA, GPEN, GCIH, GSEC, etc.
Are you interested in this opportunity, or could you recommend someone to me? Then APPLY NOW - please click on the APPLY NOW button and fill in the Application Survey.
We will come back to you immediately to discuss the next steps. Looking forward to hearing from you!