DevSec Ops
1 month ago
What will you do?
- Build a Culture around Security Engineering Ensure that a healthy security posture is maintained by continuously assessing/monitoring perimeter as well as internal security posture.
- Identify, integrate, monitor, and improve InfoSec controls by understanding business processes.
- Drive a DevSecOps culture in the organization by implementing shift left security culture.
- Conduct security reviews, auditing, penetration testing, risk assessments, vulnerability assessments, threat modeling.
- Install, configure, manage, and maintain mission-critical enterprise applications such as AV, patching, SIEM, DLP, log management and other technical controls. Troubleshoot security system and related issues
- Should have good understanding in working on CSPM
- Should have good understanding in different Services of AWS & GCP, Also need someone who should know DNS.
- Improve Cloud, Application ,Kafka, Database security posture and Kubernetes security using CI/CD Understand by regular gap assessment, Provide support in detection and mitigation of cyber security vulnerability and incidents for Cloud
- Run security automation tools for periodic scans - SAST, DAST, Infrastructure scanning, Compliance check
- Adhere to OWASP guidelines and bring the OWASP maturity model at organisation level.
- Strong understanding of network concepts including TCP/IP, HTTP and TLS, DDoS detection/prevention, and network and host anomaly detection through both automated (NIDS/HIDS) and manual means.
- A good knack for automating infrastructure security as much as possible
Some specific requirements
- Need to have a professional experience of at least 3-4 years acquired in monitoring and improving DevSec Ops tools and processes
- Extensive knowledge in assurance tools such as Fortify, OWASP ZAP, Sonarqube, Open source automation tools and their integrations into CI/CD cycles.
- Understanding of Zero Trust policy and its implementation.
- Identify security weakness across multiple programming languages like Python, Node JS, Java, Go, Javascript, HTML etc
- Participate in incident handling and other related duties to support the information security function.
- Ability to drive security automation and DevSecOps within engineering life cycle, as well as vulnerability/bug remediation
- Good to have audit experience across compliance certifications like ISO 27001/ISMS/PCI DSS / SoC 2
- Experience in Kubernetes Infra, Cloud deployment technologies - AWS, GCP
-
DevSec Ops
1 month ago
Mumbai, India Antal International Full timeWhat will you do?Build a Culture around Security Engineering Ensure that a healthy security posture is maintained by continuously assessing/monitoring perimeter as well as internal security posture.Identify, integrate, monitor, and improve InfoSec controls by understanding business processes.Drive a DevSecOps culture in the organization by implementing shift...
-
DevSec Ops
1 month ago
Mumbai, India Antal International Full timeWhat will you do?Build a Culture around Security Engineering Ensure that a healthy security posture is maintained by continuously assessing/monitoring perimeter as well as internal security posture.Identify, integrate, monitor, and improve InfoSec controls by understanding business processes.Drive a DevSecOps culture in the organization by implementing shift...
-
DevSec Ops
1 month ago
Mumbai, India Antal International Full timeWhat will you do? Build a Culture around Security Engineering Ensure that a healthy security posture is maintained by continuously assessing/monitoring perimeter as well as internal security posture. Identify, integrate, monitor, and improve InfoSec controls by understanding business processes. Drive a DevSecOps culture in the organization by implementing...
-
Software Development Engineer II
2 months ago
Mumbai, India Antal International India Full timeMy client is India's largest omnichannel ecosystem and multi-platform tech company looking for an SDE I/ SDE II- DevSecOps to join their Engineering Team. . Thier team consists of generalist engineers who work on building modern websites (SPA & Isomorphic), mobile apps for Android & iOS, REST APIs and servers, internal tools, and infrastructure for all...