DevSecOps Engineer

Caliberly

Dubai
DH 18,000 per month
Permanent
Full-time

2 months ago

Responsibilities:Collaborate with development, operations, and security teams to integrate security best practices into our DevOps processes and workflows.Implement and automate security controls and compliance checks throughout the development and deployment lifecycle.Design and implement secure CI/CD pipelines for building, testing, and deploying software, incorporating security testing tools such as SAST, DAST, and IAST.Implement and manage infrastructure as code (IaC) using tools such as Terraform, CloudFormation, or Ansible, ensuring security best practices are followed.Automate security scanning and vulnerability management processes for applications, containers, and cloud resources.Implement and manage security monitoring, logging, and alerting systems to detect and respond to security incidents.Conduct security assessments and penetration testing of applications, infrastructure, and cloud environments.Ensure compliance with industry standards and regulations such as GDPR, HIPAA, PCI-DSS, and SOC 2.Provide guidance and support to development and operations teams on secure coding practices, security tools, and security best practices.Stay up-to-date with emerging security threats, vulnerabilities, and best practices, and implement appropriate measures to mitigate risks.
Qualifications:Bachelor's or Master's degree in Computer Science, Software Engineering, Information Security, or a related field.Proven experience as a DevSecOps Engineer or similar role, with a strong background in software development, operations, and security.Proficiency in scripting and programming languages such as Python, Bash, or Go.Experience with cloud platforms such as AWS, Azure, or Google Cloud Platform, including hands-on experience with security services and controls.Experience with CI/CD tools such as Jenkins, GitLab CI/CD, or CircleCI, and version control systems such as Git.Experience with infrastructure as code (IaC) tools such as Terraform, CloudFormation, or Ansible, and containerization technologies such as Docker and Kubernetes.Strong understanding of security principles, standards, and best practices, including OWASP Top 10, CIS Benchmarks, and NIST Cybersecurity Framework.Experience with security testing tools such as static analysis (SAST), dynamic analysis (DAST), and interactive analysis (IAST) tools.Experience with security monitoring and logging tools such as SIEM, IDS/IPS, and security information and event management (SIEM) systems.Excellent problem-solving skills and the ability to troubleshoot complex technical issues.Strong communication and collaboration skills, with the ability to work effectively in a cross-functional team environment.

Caliberly

Apply Now