3 Easy Steps

  • 1Search for courses by Study Area, Level and Location
  • 2We deliver you all the matched results
  • 3Choose one or more course providers to contact you
Industry

Distance from location (kms)

Exact 5 10 25 50 100

Posted since

All 2 Days 1 Week 2 Weeks 1 Month

Sort results by

Relevance Date

25

March

Devsecops Engineer

Hexaware Technologies - Melbourne, VIC

IT
Source: uWorkin

JOB DESCRIPTION

Role: DevSecOps Engineer

Skills that we are looking for:

  • 4+ years of experience with Security Best Practices, cyber security, implementing enterprise-grade security solutions
  • Experience with the DevSecOps CI/CD pipeline using Azure, Dockers, microservices, Sumo logic along with all security tools.
  • Employed state of the art architectural tools including Load Balancers, Auto Scaling Groups and Multi-Zone availability to enhance scalability and availability
  • Employed architectural tools including Eventhubs, Functions, Azure Devops, AppCenter etc.
  • Monitoring security aspects of the ecosystem including tracking monitoring alerts, API calls
  • Proficient in Web Application Security, Vulnerability Assessment & Penetration Testing (VAPT), Mobile Apps Security Testing, Network/Infrastructure Vulnerability Assessment, Cybersecurity analysis etc.
  • Tool Management – Manage/Operate the existing tools like Fortify, WebInpsect, SonaType, Secure Code Warrior etc. in order to manage the security policy
  • Provides security architect solutions, assist in risk mitigation, and fulfill security governance and best practices within the environment
  • Manage security audits and compliance activities by third parties primarily the detection of vulnerabilities for the system and remediating them.
  • Development, implementation, and enforcement of information security governance including policies, standards like PCI DSS, and procedures in collaboration with different teams.
  • Experience in tools such as Burp Suite, fiddler for penetration testing and OWASP ZAP, WebInpsect for DAST (Dynamic Application Security Testing) and tools like Fortify for SAST (Static Application Security Testing), SonaType for SCA, along with Tenable/Retina for Network vulnerability assessment.
  • Proficient in understanding application-level vulnerabilities listed in OWASP top 10 including vulnerabilities like: Injection, XSS, CSRF, Session hijacking, authentication bypass, weak cryptography, authentication flaws etc.
  • Having good experience in conducting web and mobile applications security assessment in finance, ecommerce and telecom domain.
  • 2+ years of experience writing code or scripts in a modern programming or scripting language (C#, PowerShell, Perl, Ruby, Rest API etc.).
  • One or more recognized security and cloud specific certifications, e.g., CCSP, SSCP, CISSP, CCSK preferable
  • Knowledge / certification on delivery methodologies (e.g. Waterfall, Agile)
  • Have successfully influenced program outcomes by brokering consensus among stakeholders with conflicting needs and expectations