CirrusLabs · 4 hours ago

DevSecOps Engineer

United States

Contract

Remote

Mid Level

4+ years exp

Maximize your interview chances

Information ServicesInformation Technology

Actively Hiring

Insider Connection @CirrusLabs

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Advocates for the application teams Cybersecurity, DevSecOps, and Agile engineering procedures, quality engineering practices and advanced requirement capturing techniques for improving end-to-end secure delivery practices.

Works to harden cloud infrastructure from attacks by implementing automated and integrated release cycles incorporated within the Agile Secure Software Development Lifecycle’s (SSDLC) tools and processes.

Responsible for day-to-day collaboration with the Cyber team to ensure successful implementation of secure coding practices, and integration of secure application and design processes across Deloitte. Supports the Secure Systems Development Lifecycle (SSDLC), including functional and non-functional cybersecurity requirements.

Builds Automation to validate security requirements within the CI/CD pipeline.

Applies secure application principles to the testing and validation of security requirements derived in the SSDLC processes.

Works with the application Infrastructure architect to complete security questionnaires

Organizes and coordinates pen testing as needed

Acts as the Security Champion for the application team

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

DevSecOpsSecure CI/CD pipelinesProgramming skillsContainerizationCloud infrastructure managementSource Code ManagementJavaNetTerraformPythonVisual BasicPowerShellBashC++C#DjangoJavaScriptHTMLCSSProof of Concept (PoC)Agile development

Required

Minimum of 4 years of combined experience in software engineering, and DevOps/DevSecOps, preferably in an information security context

Working with Secure CI/CD pipelines and ALM tools to automate security requirements validation tasks

Programming skills in one or more of the following programming and markup languages: Java, .Net, Terraform, Python, Visual Basic, PowerShell, Bash, C++, C#, Django, JavaScript, HTML, CSS, etc.

Hands-on experience with containerization, orchestration, and Cloud infrastructure management (e.g., Infrastructure as Code, immutable infrastructure, Configuration as Code)

Knowledge of Source Code Management concepts (e.g., code lines, branching, merging, integration, versioning)

Experience producing PoCs (Proof of Concept) to support the development and DevOps teams

Ability to translate traditional SDLC approach (plan, code, build, test, release, deploy and monitor) to the phases of agile development when writing software to automate security related tasks.