| Hiring for DevSecOps Engineer || Arlington, Virginia || Hybrid || 12 Months Contract || F2F Interview at Arlington, Kansas, USA |
| Email: [email protected] |
| From: Harsh Goyal, Vizon Inc [email protected] Reply to: [email protected] Looking for a DevSecOps Candidate who can go for the F2F Interview in Arlington, Viriginia Job Description -DevSecOps EngineerClient: Investment Banking Company Arlington, VA 3 days/week in the office12 month contractLocal candidates only- must send documentation (DL) with name/addressCandidate MUST be open to onsite interview as final interview Vendor Call Notes: DevSecOps Engineer, involved in integration apps to CI pipelines that build and deploy apps, they do security Set of security testing tools and integrate to pipeline, integrate whole process, fixing issues, automated whole process, work with dev team Experience with DevOps processes, Jenkins, plugins that can be used, Groovy for writing scripts to help with automation Jenkins used for CI/CD processes, will know Groovy if worked with Jenkins (a plus in basic knowledge) will not write 100s lines of Groovy code, updating existing ones Use Python for automation of process need python development (6-7 years of exp) write scripts to automate processes Internal scripts are what they use, not customer facing script OWASP good to have Maintenance of existing process and implementing new process Need security piece 6 members including team lead (onshore/offshore) Proactive mindset, work with other teams, meet with any issues in environment and able to reach out to other teams to fix issue, large org experience, preferably financial (exposure to complex and diverse development) These skills will help you succeed in this role: - Bachelor's degree with minimum 8 years of work experience in the IT field - 3+ years software development experience using Java, JavaScript - 3+ years of experience in the following: - OWASP Secure Coding Practices GOOD TO HAVE - Common software and web application security vulnerabilities - Application security scanning tools - Continuous Integration/Continuous Deployment (CI/CD) processes and concepts using relevant technologies and tools (e.g., Jenkins) - Required - Experience in Python scripting Required Even Better If You Have - A degree in Cybersecurity or CISSP/CSSLP certification or keen desire to move to security field - Business acumen to support the implementation of SAST or DAST or IAST across the enterprise - Ability to perform code reviews with minimal assistance - A self-starter, with a strong desire for learning new technologies and applying them to solve problems - Experience with two or more of the application build environments like Jenkins, Gradle, Maven. - Familiarity with public cloud services a plus - Experience with two or more of the Secure SDLC tools like Burp Suite, Fortify, Checkmarx, AppSec SE, Veracode, WhiteSource, Sonatype - Experience with Threat Analysis. - Experience with DevSecOps, Secure SDLC. - DevOps container/orchestration tools (Kubernetes, Docker, Puppet, etc) is a plus - Experience with evaluation, integration and onboard of security tools such as RASP, WAF, vulnerability scanner results, container analyzers, open source scanning etc is a plus Keywords: continuous integration continuous deployment information technology golang Virginia Hiring for DevSecOps Engineer || Arlington, Virginia || Hybrid || 12 Months Contract || F2F Interview [email protected] |
| [email protected] View all |
| Tue Dec 03 03:22:00 UTC 2024 |