DevSecops

Job Description for DevSecops  in Sydney.

Skill:

3+ years of extensive Python proficiency

3+ years of Java Experience

Extensive exposure to:

Javascript

Jenkins

Code Pipeline + CodeBuild

AWS' ecosystem

AWS Well Architected Framework

Trusted Advisor

GuardDuty / SCP / SSM / IAM / WAF

Deep understanding of automation, quality engineering, architectural methodologies, principles, and solution design

Hands on experience with Infrastructure-As-Code tools to automate deployments in AWS, preferably CloudFormation and CDK

Familiarity with operational observability, including log aggregation, application performance monitoring, etc

Experience deploying auto-scaling and load-balanced / Highly Available applications

Be familiar with CI/CD pipelines and use of tools such as Code Build, Code Deploy, Code Pipeline.

Hands-On experience in managing certificates (client-server, mutual TLS, etc)

Scope:
Improve the automation of security controls

Work closely with the consumer showback team on defining processes and system requirements

Design and implement updates to the showback platform including

Cloud Conformity

WAF status

Certificate Management

Work with STO/account owners to uplift the security posture of consumer accounts using, at least:

Show back platform

Trusted advisor

Risk management process

Work with the Onboarding team to ensure that security standards and policies are being setup and configured correctly

Work on some items from the Cloud Security LRP, implementing enterprise minimum security requirements

Data Masking

Encryption monitoring

Perimeter protections

Ingress / Egress uplift

Integration of SailPoint for SSO Management

Let me know if you have any questions.