Title: Devsecops
Location: Trevose, PA
The DevSecOps Engineer will collaborate with the configuration and release manager, database administrators, systems administrators, network engineers, project managers, QA Testers, third party vendors for managed services, and business stakeholders to execute IT release management strategy which is comprised of:
- Code deployment
- Configuration and asset management
- Managed services coordination with hosting providers
- Application environment configuration
- Code back-out and/or contingency plans and procedures
- Build automation
Responsibilities:
- Strong experience in DevOps development practices and CI/CD pipelines
- Significant experience as a security-focused developer and DevSecOps practices
- Excellent presentation and briefing skills
- Coordinate, schedule (reschedule) and oversee application release activities
- Track upcoming release progress and partner with Project Managers on milestone planning
- Identify and implement appropriate risk management initiatives to manage production changes
- Execution of changes into Stage and Production environments, including
- Verifying quality testing and business approvals prior to deployment of code
- Aligning support resources for server load balancing and code testing during deployment window
- Promote a DevSecOps culture through building relationships with Development, Security & Operations and driving enhancements to the end-to-end release process
- Define and evolve Build & Release best practice by working within teams and educating the other stakeholder teams. These best practices should support traceability & auditability of change
- Experience with Build Automation tools such as MSBuild, Grunt and NodeJS
- Contribute to the continued enhancement of release process and tools
- Collaborate with Architects, DevOps team to integrate and deliver robust DevSecOps services (onboarding projects, applications into automate pipelines).
- Design/Evaluate/Develop/Enhance/Implement and maintain secure automated orchestration for application deployments.
- Work closely with application development team to proactively review the issues identified from static application security testing (source code review and software composition analysis), Container scanning and drive remediation discussion and execution.
- Evaluate, Support CI/CD process, continuous integration (Bitbucket), continuous deployment (CircleCI), and deployment orchestration (Ansible, puppet, or equivalent)
- Support and work with APIs and Plugins to integrate security tools into established CI/CD pipelines
- Knowledge of Cloud security and architecture such as Container level, Cluster level, Repo etc.
- Collaborate with application developers to deliver creative solutions to difficult technology challenges and business requirements.
- Responsible for automating security controls, data and processes to provide improved metrics and operational support.
Qualifications:
- Bachelor of Science degree in Computer Science, Software Engineering, Management Information Systems (MIS) or similar program.
- Ensure continuous availability of various tools supporting SCM & Release Management including Source Control Continuous Integration & Change Management
- Must be proficient in scripting languages: Power Shell, YAML, Python and Groovy
- Good to have knowledge of Chef or Puppet Labs or Ansible.
- Knowledge and experience with Linux, Windows 2016, 2019 Operating Systems
- Should have working experience with monitoring tools like ELK, Grafana, Webmetrics, Datadog, Solarwinds, SPLUNK and/or SPLUNK, or any other monitoring tools/processes
- Experience working in Agile environments
- Possess a strong technical background in information technology management and System Development Life Cycles
- Able to adhere to and enforce software release processes
- Results-oriented, diligent and works with a sense of urgency
- Assertive, responsible for his/her own work (self-directed) and be willing to commit to deadlines
- Ability to identify and implement required actions and eliminate roadblocks quickly in order to accomplish goals including fielding of deployment issues, escalations and contingencies, acting as the primary Point-of-Contact throughout the deployment execution.
- The DevSecOps Engineer is responsible for the overall success of code deployments, patching, upgrades and maintenance updates to production systems to ensure on-time delivery of business applications
- Candidate should have project manager skills with along with technical experience to understand the components of the release and how they will affect the release schedule and risks.
- The DevSecOps Engineer assists in determining the readiness of each release based on release criteria including management of the approvals process
- Ability to drive issues to closure; strong leadership capabilities
- Flexible, able to learn quickly in a dynamic environment
- Strong hand-on experience in DevSecOps tools Bitbucket, Jfrog, CircleCI, Checkmarx, SonarCloud, ELK and Grafana.
Thanks & Regards
Hussain Ali Mirza
Sr.Technical Recruiter
E-mail: hussain.m@implifyinc.com
US: +1(610) 890-9860 Ext:287
India: +91 9951751472