Home

DevSecOps Engineer || F2F interview || Need Local to Virginia with DL at Arlington, Virginia, USA
Email: rbid@vyzeinc.com
From:

Rohit Kumar Bid,

Vyze Inc

rbid@vyzeinc.com

Reply to:   rbid@vyzeinc.com

JOB TITLE: DevSecOps Engineer || F2F interview || Need Local to Virginia with DL
Location: Arlington, VA 3 days/week in the office (Local candidates only- must send documentation with name/address)
Duration: 12 months 
Visa: USC/GC
MOI: Skype (Candidate MUST be open to onsite interview as final interview)
LinkedIn, DL, and Visa is Must

Vendor Call Notes: 
DevSecOps Engineer, involved in integration apps to CI pipelines that build and deploy apps, they do security
Set of security testing tools and integrate to pipeline, integrate whole process, fixing issues,  automated whole process, work with dev team
Experience with DevOps processes, Jenkins, plugins that can be used, Groovy for writing scripts to help with automation
Jenkins used for CI/CD processes, will know Groovy if worked with Jenkins (a plus in basic knowledge) will not write 100s lines of Groovy code, updating existing ones 
Use Python for automation of process need python development (6-7 years of exp) write scripts to automate processes
Internal scripts are what they use, not customer facing script
OWASP good to have 
Maintenance of existing process and implementing new process 
Need security piece 
6 members including team lead (onshore/offshore) 
Proactive mindset, work with other teams, meet with any issues in environment and able to reach out to other teams to fix issue, large org experience, preferably financial (exposure to complex and diverse development)

These skills will help you succeed in this role:
- Bachelor's degree with minimum 8 years of work experience in the IT field
- 3+ years software development experience using Java, JavaScript
- 3+ years of experience in the following:
- OWASP Secure Coding Practices  GOOD TO HAVE 
- Common software and web application security vulnerabilities
- Application security scanning tools
- Continuous Integration/Continuous Deployment (CI/CD) processes and concepts using relevant technologies and tools (e.g., Jenkins) - Required
- Experience in Python scripting  Required 

Even Better If You Have:
- A degree in Cybersecurity or CISSP/CSSLP certification or keen desire to move to security field
- Business acumen to support the implementation of SAST or DAST or IAST across the enterprise
- Ability to perform code reviews with minimal assistance
- A self-starter, with a strong desire for learning new technologies and applying them to solve problems
- Experience with two or more of the application build environments like Jenkins, Gradle, Maven.
- Familiarity with public cloud services a plus
- Experience with two or more of the Secure SDLC tools like Burp Suite, Fortify, Checkmarx, AppSec SE, Veracode, WhiteSource, Sonatype
- Experience with Threat Analysis.
- Experience with DevSecOps, Secure SDLC.
- DevOps container/orchestration tools (Kubernetes, Docker, Puppet, etc) is a plus
- Experience with evaluation, integration and onboard of security tools such as RASP, WAF, vulnerability scanner results, container analyzers, open source scanning etc is a plus

What You'll Do:
- Collaborate with a team of engineers to implement Morgan Stanley specific security policies in the CI/CD security tools including but not limited to SAST, DAST and SCA applications.
- Work with Development, DevOps and Security teams to identify and develop automated security and compliance capabilities in support of DevOps processes.
- Define the security rules that needs to be adhered to at a code level in web and mobile applications written in Java, React, Objective C, SWIFT, Kotlin etc.  DO NOT NEED TO KNOW, nice to have
- With your development background and security knowledge, provide security guidance to developers in the form secure coding standards and guidelines.
- Support security standards, create templates and patterns to increase the efficiency and adoption of security program.  Good if familiar but they can train them on that 

Keywords: cprogramm continuous integration continuous deployment information technology green card Virginia
DevSecOps Engineer || F2F interview || Need Local to Virginia with DL
rbid@vyzeinc.com
rbid@vyzeinc.com
View all
Tue Jan 21 06:54:00 UTC 2025

To remove this job post send "job_kill 2096461" as subject from rbid@vyzeinc.com to usjobs@nvoids.com. Do not write anything extra in the subject line as this is a automatic system which will not work otherwise.


Your reply to rbid@vyzeinc.com -
To       

Subject   
Message -

Your email id:

Captcha Image:
Captcha Code:


Pages not loading, taking too much time to load, server timeout or unavailable, or any other issues please contact admin at me@nvoids.com
Time Taken: 7

Location: Arlington, Virginia