| DevSecOps Architect, Miami, FL, Remote 25% travel at Miami, Florida, USA |
| Email: [email protected] |
| From: Yogesh Sharma, StellentIT [email protected] Reply to: [email protected] DevSecOps Architect Location: Miami, FL, Remote 25% travel Interview: Phone + Skype Job description; Must-have skills: DevOPs, DevSecOPs roles, Cloud Service Providers (AWS), DevOps tools such as Git OR Jenkins OR Ansible OR Terraform, Infrastructure as Code (Terraform), Java OR Java Spring Boot OR Python OR C/C, Security experience: SAS (static analysis), threat modeling, log monitoring, APIs to query RESTful services, micro services, Python, Go, or Bash, Kubernetes, Docker, and Rancher, CI/CD, GitLab, SAST, DAST, IAST, MAST; Linux, Hashicorp. Requirements: Availability to work at the Clients site in Miami, FL (required); Experience within DevOPs, DevSecOPs roles (5+ years); Experience with Cloud Service Providers (AWS heavily preferred) (5+ years); Experience with container technologies like Kubernetes, Docker, and Rancher; Experience with Infrastructure as Code (Terraform) (2-3 years); Experience with DevOps tools such as Git, Jenkins, Ansible, and Terraform Experience with DevOps and Agile methodologies; Experience using APIs to query RESTful services and integrate third party services, micro services; Programming experience using one or more of the following: Java, Java Spring Boot, Python, or C/C++; Experience with CI/CD - Deployment pipelines, and automated build and configuration tools such as GitLab, Jenkins, Ansible, and Terraform; Security experience: SAS (static analysis), threat modeling, log monitoring Experience with security automation and scripting with languages like Python, Go, or Bash; Experience with security automation, security log review and analysis, threat analysis tools; Experience with DevSecOps practices, including automation of SAST, DAST, IAST, MAST along with threat modeling, code peer reviews, security remediation and security monitoring/incident response enablement; Experience in Linux operating systems; Experience with cloud security controls involving tenant isolation, encryption at rest, encryption in transit, and secrets management (Hashicorp preferred); Ability to travel both locally and internationally 25% of the time. Responsibilities: Design, implement and maintain secure, reusable DevOps pipelines for brand development teams, that align with Carnival global application security standards. Develop and maintain infrastructure as code (IaC) templates for cloud environments such as AWS, Azure, and Google Cloud Platform. Work with development teams to ensure that security is built into the SDLC and that all code is secure by design. Monitor and investigate security incidents and vulnerabilities in the infrastructure and take corrective actions. Continuously assess and improve the security posture of the brand and contribute improvements back to the global organization. Program, engineer, implement, and administer IT Security technical control and tools to assess vulnerabilities, mis-configurations and incidents. Develop and maintain relationships with 3rd party vendors responsible for providing technology services, tools, and consulting. Perform security reviews of deployments to ensure they meet relevant policies, standards, and guidelines. Partner with different brand IT resources to automate and enhance security logging and integrate with managed SIEM provider. Create and distribute security reports to required business and IT units, including vulnerability reports for tracking of remediation. Respond to escalations and other priorities as required, may require afterhours engagement as needed. Other projects and duties as assigned (e.g., assisting global application security pillar on pattern and capability design and buildout) Keywords: cprogramm cplusplus continuous integration continuous deployment information technology golang Florida |
| [email protected] View all |
| Wed Jul 26 20:08:00 UTC 2023 |