DevSecOps Engineer

We are seeking a skilled DevSecOps Engineer - Cloud Security Specialist to join our team at Experis Manpower Group.

This is an exciting opportunity for a highly motivated and experienced professional to contribute to the development of secure cloud-based solutions. The successful candidate will collaborate with cross-functional teams to design, implement, and maintain robust security measures throughout the entire Software Development Life Cycle (SDLC).

• Collaborate with Design and Development Teams: Work closely with design and development teams to integrate security policies from the early stages of SDLC, ensuring seamless integration and efficient delivery.
• Migrate and Transform Projects: Support migration and transformation projects by identifying security risks and implementing mitigation strategies to ensure compliance and data protection.
• Create and Manage CI/CD Processes: Develop and manage continuous integration and continuous deployment (CI/CD) processes, automating security steps to increase efficiency, scalability, and reliability.
• Automate Security Tasks in DevOps: Automate security tasks in DevOps processes using tools such as Ansible, Azure DevOps, Jenkins, and GitLab, supporting continuous improvement and innovation.
• Conduct Security Assessments: Conduct thorough security assessments of hybrid solutions, identifying vulnerabilities and providing recommendations for remediation.
• Support Public Cloud Security: Collaborate with teams to ensure public cloud environments and microservices-based environments are secure, compliant, and scalable.
• Analyze API, Application, or IaC Code: Analyze the security of API, application, or infrastructure as code (IaC) and harden DevOps environments by integrating robust security elements.

• Knowledge of Cybersecurity: Possess knowledge or interest in cybersecurity, supported by several years of experience in IT or a DevOps role.
• Cloud Experience: Have experience working with one of the leading clouds: Azure, GCP, or AWS.
• CI/CD Knowledge: Understand CI/CD processes and tools such as Azure DevOps, Jenkins, or GitHub.
• Web Application Security: Possess knowledge of web application security (OWASP TOP 10), secure coding principles, popular attack methods (XSS, CSRF, SQL injection), and frameworks such as MITRE.
• Containerization: Have practical experience working with containerization (Docker) and infrastructure platforms based on containerization, such as Kubernetes, OpenShift, Anthos.
• SAST, DAST, SCA: Understand Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Source Code Analysis (SCA) and their implementation in CI/CD processes.
• Authorization, Authentication, Session Management: Possess knowledge of authorization, authentication, and session management concepts, including SAML, OAuth, SSO.
• Rest API Technology, API Gateway: Understand the SSDLC process, its elements, and Rest API technology, as well as the API Gateway concept.

• 100% Remote Work: Enjoy flexible work arrangements, allowing you to work from anywhere.
• MultiSport Plus: Participate in our employee wellness program, promoting a healthy work-life balance.
• Group Insurance: Receive comprehensive group insurance coverage.
• Medicover Premium: Access premium medical services through Medicover.
• e-learning Platform: Take advantage of our e-learning platform, offering opportunities for personal and professional growth.