Skills

Communication GitHub GitLab CI/CD DevOps Docker Kubernetes Monitoring Version Control Security Testing Azure AWS Software Development Agile SDLC GCP CI/CD Pipelines Gitlab CI GitHub Actions

Job Specifications

Job Description:

We are seeking a skilled DevSecOps Engineer to join our dynamic team. This role will focus on integrating security practices within the DevOps process, ensuring that security is a fundamental aspect of our software development lifecycle. The ideal candidate will collaborate closely with the DevOps Tooling & Policy Lead to implement CI/CD practices, automate processes, and enhance the overall security posture of our applications.

Key responsibilities:

CI/CD pipelines and automation:

Collaborate with the DevOps Tooling & Policy Lead to design, implement, and maintain robust CI/CD pipelines to automate the software delivery process.
Integrate testing, security, and deployment processes to ensure high-quality releases.
Establish and document repeatable patterns for deployment, configuration, and monitoring to enhance efficiency.
Identify opportunities for automation in security testing and compliance checks.
Develop solutions to enhance the DevSecOps process, integrating tooling to drive value and enhance developer experience.

Collaboration with development teams:

Partner with development teams to identify bottlenecks in the SDLC and implement solutions to streamline workflows.
Provide guidance on best practices for version control, secure coding, and branching strategies.
Assist development teams onboard to standardised DevOps patterns and processes.

Tooling and technology evaluation:

Evaluate and recommend tools and technologies that can enhance the CI/CD process and overall developer experience.
Stay up to date with industry trends and emerging technologies to continuously improve practices.

Documentation and knowledge sharing:

Develop comprehensive documentation on security and DevOps practices, making it easily accessible to development teams.
Contribute to workshops and knowledge-sharing sessions to educate developers on secure coding practices and the importance of security in development.
Assist with the onboarding of projects and teams to the centralised DevSecOps tooling and CI/CD templates.

Experience and skills:

Qualifications:

Proven experience of DevSecOps and Agile software delivery.
Strong understanding of the SDLC, Agile, DevOps, and DevSecOps principles.
Familiarity with modern security practices, tools, and standards (e.g., OWASP, NIST).
Technical knowledge of cloud environments (AWS, Azure, GCP), containerisation (Docker, Kubernetes), and CI/CD pipelines.
Excellent communication skills, with the ability to articulate DevSecOps concepts to technical and non-technical stakeholders.

Preferred skills:

Certifications in cloud technologies (AWS Certified, Azure Security Engineer).
Experience in leveraging tools for security monitoring and threat detection.
Experience implementing re-usable pipelines using CI/CD tooling (Gitlab CI/Github Actions/Argo CD/Concourse).
Familiarity with secure coding principles, application and infrastructure security best practices.

About the Company

At Mentmore we understand that hiring exceptional people is important for our clients but that it is only one part of their job. We aim to make that process as enjoyable, efficient and effective as possible. We provide high quality candidates for both permanent and contract IT positions and are specialists within our five Core Practice areas: *Information Security *Change & Project Management *Infrastructure & Service Management *Architecture *Executive IT Leadership Our knowledge extends across a variety of sectors inclu... Know more