DevSecops
- business Antal International
- directions_car Mumbai
- workFull-time
My client is India's largest omnichannel platform and multi-platform tech company with expertise in retail tech and products in AI, ML, big data ops, gaming crypto, image editing and learning space.
Title: DevSecops
Responsibilities:
- Build a Culture around Security Engineering and Ensure that a healthy security posture is maintained by continuously assessing/monitoring perimeter as well as internal security posture.
- Identify, integrate, monitor, and improve InfoSec controls by understanding business processes.
- Drive a DevSecOps culture in the organization by implementing a shift left security culture.
- Conduct security reviews, auditing, penetration testing, risk assessments, vulnerability assessments, and threat modeling.
- Install, configure, manage, and maintain mission-critical enterprise applications such as AV, patching, SIEM, DLP, log management, and other technical controls. Troubleshoot security system and related issues.
- Improve Cloud, Application, Kafka, Database security posture and Kubernetes security using CI/CD Understand by regular gap assessment, Provide support in detection and mitigation of cyber security vulnerability and incidents for Cloud.
- Run security automation tools for periodic scans - SAST, DAST, Infrastructure scanning, Compliance check
- Adhere to OWASP guidelines and bring the OWASP maturity model to the organization level.
Requirements:
- Strong understanding of network concepts including TCP/IP, HTTP and TLS, DDoS detection/prevention, and network and host anomaly detection through both automated (NIDS/HIDS) and manual means.
- A good knack for automating infrastructure security as much as possible.
- Need to have a professional experience of at least 3-4 years acquired in monitoring and improving DevSec Ops tools and processes.
- Extensive knowledge in assurance tools such as BurpSuite, WebInspect, Fortify, OWASP ZAP, Sonarqube, and Open source automation tools, and their integrations into CI/CD cycles.
- Understanding of Zero Trust policy and its implementation.
- Identify security weaknesses across multiple programming languages like Python, Node JS, Java, Go, Javascript, HTML, etc
- Participate in incident handling and other related duties to support the information security function.
- Ability to drive security automation and DevSecOps within the engineering life cycle, as well as vulnerability/bug remediation.
- Ability to perform security assessments for web applications and mobile apps - Android/iOS.
- Proficient in any one programming language (e. g. Python, JavaScript, etc. ) and Git workflows.
- Good to have audit experience across compliance certifications like ISO 27001/ISMS/PCI DSS / SoC 2
- Experience in Kubernetes Infra, Cloud deployment technologies - AWS, GCP.
Place of work
Mumbai
India
Employer profile
In 1993, a visionary in London set out to create a better way to connect talented individuals with job opportunities. Fast forward 30 years, and that vision has grown into a worldwide network of over 800 consultants spanning 32 countries. As one of the top recruitment companies, we specialize in IT, Accountancy, Sales and Marketing, Engineering, and more, offering game-changing recruitment consultancy and talent acquisition services to companies of all sizes. Join us on this journey of growth! With our personalized approach to the hiring process, we aim to make finding the right job a positive and stress-free experience for you as a candidate. We understand that job searching can be overwhelming, so we offer our expertise every step of the way to help you navigate the process with ease. Our goal is to empower you to achieve your career aspirations and land the perfect job! At our core, we believe that our success is directly tied to the success of the candidates we work with!
Local radius
- Mühlhausen
- Bad Langensalza
- Treffurt
- Dingelstädt
- Wanfried
- Schlotheim
- Anrode
- Sollstedt
- Katharinenberg
- Creuzburg
Job ID: 8435015 / Ref: 1dd21d42978ddad12d8171ed5130095f