DevSecOps

Bachelor Degree in information security, computer science.
Experience working in an Agile, DevOps/SecDevOps environment.
3+ years of experience working in software engineering role.
2+ years of experience working in a Security role handling on premise and cloud infrastructures.
Experience with security testing at scale by building and implementing static and dynamic analysis tools, integrating security into CI/CD workflows for everyday deployments.
Minimum 3 years' experience with Authentication and Authorization solutions.
Experience with static code analysis for software or infrastructure as code, including SonarQube,Terraform.
Experience with vulnerability scanners, including Tenable Nessus, Qualys, ...
Understanding of secure software development practices - AppSec - Security and/or regulatory experience desired, OWASP 10 and Web Application Security, Mobile Application Security, API Security.
Good knowledge of threat modeling, risk assessment techniques, code reviews, and with the latest security best practices
Require good knowledge of CI/CD tools - Knowledge of GitLab CI/CD, Seleneoid, Jmeter, SoapUI, Junit
Require good knowledge in automatic configuration management tool - Knowledge of Ansible, Terraform
Require good knowledge of automated security tools - SAST, SCA, DAST, IAST
Good knowledge of containers and orchestration platforms. Need to know how to create, build, deploy and manage containers in development and production environments - Docker, Kubernetes.
Patterns/ Principles - Blue/Green Deployment - Canary Release, Feature Flipping
IDE: Eclipse, Visual Studio
Public Cloud services knowledge: AWS, Digital Ocean.
Knowledge of Logging & Monitoring tools: ELK, Grafana, DataDog, Prometheus.
Experience in developing integration APIs and WebServices (REST/SOAP), API Development
Experience, Knowledge of API Security