Senior DevSecOps Engineer
Posted on Nov 19, 2020 by Berkeley Square IT Ltd
Senior DevSecOps Engineer
3-6 months | 100% remote | £700-750 | Outside IR35 | SC Clearance.
My government client is looking for a talented DevSecOps Engineer to help maintain and continually improve the security of some of the Department's key digital platforms, used by millions of people every year.
Role & Responsibilities:
- Work with agile product delivery teams on the secure design, configuration, deployment, testing and management of applications and systems in traditional data center and cloud environments.
- Take responsibility for automating common, repeatable tasks to improve the cyber security around some of our most important datasets and services.
- Ensure that vulnerability management best practice is followed and that code is developed securely, avoiding common pitfalls.
- Support automated and manual security testing of our deployed infrastructure and applications, and manage the findings from these tests.
- Drive the development of new security capabilities to support delivery and ensure that the tools and approaches used are effective. This role will give you the opportunity to get hands on and build security into systems.
- Take a proactive role in securing the digital environment to ensure effective rootcause and trend analysis of security threats and issues. As part of the role you will be expected to investigate anomalous activity and support incident resolution with the service.
- Liaise effectively with interested stakeholders to ensure that lessons are learned and will communicate threats to aid continuous information assurance. You will be required to challenge and propose changes to existing processes where they do not contribute to the rapid delivery of a secure service.
Skills & Experience:
- Previous experience working on AWS Security on services (IAM, Cognito, KMS, Federation Services)
- A strong overall AWS Knowledge is essential
- Extensive experience with automation using Scripting languages, such as Perl, Python, Ruby, and/or Bash as well as configuration of infrastructure with code automation (eg Atlassian tools, Ansible, Puppet, or Chef).
- Experience with version control software and job execution tools, such as Git, GoCD, Octopus, Jenkins, RunDeck, SaltStack.
- Experience with cloud platforms to include virtualization, containerisation and orchestration technologies, such as AWS, Azure, Docker, Kubernetes, etc.
- Experience of secure coding and testing across a variety of tools (static, dynamic, and both automated and manual) and vulnerability management.
- Communicating risk in a clear manner to inform business decisions
- Deep knowledge of networking, infrastructure and applications
- Experience with agile and continuous development methodologies, including the practices, platforms and tools which support them
- Polyglot technologist with the ability to quickly learn, adapt and use different technologies, including but not limited to Cloud platforms and protective monitoring
- Broad knowledge of security controls and how they can be applied in a traditional IT environment and cloud based systems
- In depth understanding of the methods of technical attack and how these can be detected in a digital environment
- Knowledge of the concepts of information security, and of current and emerging IT security, data protection and information risk principles and technologies.
- Knowledge of security monitoring, prevention and control systems including but not limited to Firewalls, IDS/IPS, web proxies, antivirus and log correlation solutions.
- Experience in UK Public Sector (preferably central Government)
- Elligible for SC level security clearance (active SC clearance would be an advantage)
This is an urgent requirement and my client is looking to move quickly for the right SecOps Engineer. Please direct any questions to Ashleigh Roberts at Berkeley Square IT (see below) or apply now for immediate consideration.