IT & Systems Engineer (DevSecOps)

JOB SUMMARY

Designing, implementing and maintaining CI/CD tools and processes for software delivery. Integrate security practices into the DevOps pipeline, enhancing the security, efficiency, reliability and performance of software/system development and deployment.Minimum QualificationsBSc. Computer Science or equivalent from a recognised universityProfessional certifications in IT Security (CISSP, CCSP, CISA, CISM) is a plusExperience & Skills3+ years of experience in the field or similar rolesShould be proficient in scripting and coding. The aptitude should include languages like Python, JavaScript, React.jsShould be a champion of change within the DevOps culture and a strong incentive for improving and automatingShould be able to investigate reliability or performance issues, leveraging tools to automate scanning and monitoringGreat awareness of cybersecurity principles and trends, including secure coding practices, encryption, threat modelling, and vulnerability managementExperience with security testing tools (e.g., OWASP ZAP, Burp Suite, Nessus)Familiarity with compliance frameworks and standards (e.g., GDPR, ISO 27001, NIST)Must use B/OSS tools effectively to record information accurately and concisely in a timely mannerStrong knowledge of DevSecOps tools and technologies such as Azure DevOps, Jenkins, GitHub Actions, GitLab CI, Docker, Kubernetes, Ansible or TerraformShould have strong knowledge of operatin

RESPONSIBILITIES

Designing, implementing, and maintaining tools and processes for continuous integration, delivery, and deployment of softwareIntegrate security practices into the DevOps process, ensuring that security and compliance with relevant policies and regulations is considered at every stage of development and deploymentCollaborate with the IT team to ensure the designed solution responds to non-functional requirements such as availability, performance, security, and maintainabilityCollaborate with the IT team to remediate vulnerabilities and apply patches or mitigations as necessary to improve overall system securityAutomate security testing (SAST, DAST, IAST) and vulnerability management processesCollaborate with the Cybersecurity team to implement and manage security monitoring tools to detect and respond to security incidentsImplement monitoring and logging solutions to track the performance and health of deployed services, applications and infrastructureIdentify and address issues and bottlenecks in the software development lifecycle with an aim to streamline the lifecycles of applicationsImprove collaborative response in real-time and update documentation, runbook tools, and modules to prepare teams for incidentsImplementing and maintaining version control systems, configuration management tools, and other DevOps-related technologiesComprehensive documentation of all CI/CD processes and policies that have been implementedEnsuring compliance with industry best practices and organisational policiesContinuously improving processes and tools to enhance efficiency and productivityProjects and reporting as directed by IT Development Manager / Director IT

REQUIRED SKILLS

DevOps, Cyber security, Github (or other software version management systems), Version control and configuration management

REQUIRED EDUCATION

Bachelor's degree