DevSecOps Analyst and Senior Analyst
SSC Egypt
Posted on 27 Aug
Send me Jobs like this
Nationality
Any Nationality
Gender
Not Mentioned
Vacancy
1 Vacancy
Job Description
Roles & Responsibilities
1. Collaborate with cross-functional teams to integrate security practices into development processes and create seamless flow of work.
2. Provide guidance and support on secure coding practices, secure design principles, and security risk mitigation.
3. Develop and maintain security documentation and guidelines for Continuous Integration / Continuous Development CI/CD pipeline tools and processes. Additionally, Design and implement secure (CI/CD) pipelines for building, testing and deploying software, incorporating security testing tools such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST) and Software Composition Analysis (SCA)
4. Evaluate and recommend the implementation of security tools and technologies to enhance the security posture of the organization within the CI/CD pipeline.
5. Responsible for the security of the software development process, including automating scans, code verification, and developing security protocol to protect sensitive data and ensure proper prevention against cyber threats.
6. Review and enhance containers security measures within the bank IT environment (e.g. Kubernetes, OpenShift, etc)
7. Collaborate with both development and operations teams to create a seamless flow of work and maintain an agile workflow.
8. Ensure continuous integration and delivery (CI/CD) processes are followed, promoting the speedy release of high-quality software
9. Support the implementation of the key strategic business initiatives and projects through following the secure software development life cycle including specifying the confidentiality, integrity, and availability requirements, addressing security requirements throughout the development of new systems and performing proper risk assessment prior to releasing new systems to production.
10. Review new technologies and changes to existing technologies for in house developed applications to ensure proper information security requirements/controls and compliance with relevant security policies and compliance mandates.
11. Conduct the annual review and update of the area s processes, procedures and recommend updates to relevant policies with the adherence to the developed SLAs.
Desired Candidate Profile
Bachelor's degree in Computer Science, Information Security, or a related field. A master's degree is preferred.
3-6 years of proven experience in a similar security-focused role. (5-8 years for Sr. analyst)
Proven experience as a DevSecOps Engineer or similar role, with strong background in software development lifecycle and security
Strong knowledge of secure coding practices, secure design principles, and common security vulnerabilities.
Familiarity with agile development methodologies and experience integrating security into agile processes.
Knowledge of industry regulations and standards such as ISO 27001, NIST, OWASP, etc.
Abroad understanding of security practices such as penetration testing, threat modelling, vulnerability management and static & dynamic application security testing
Experience with CI/CD tools such as Gitlab CI/CD, version control systems, code repositories, etc.
Experience with containerization and orchestration tools (e.g. Docker, Kubernetes, Helm, ArgoCD)
Knowledge of scripting languages (e.g. Bash, Python, Go)
Experience conducting security assessments, vulnerability testing, and risk assessments.
Familiarity with security tools and technologies such as vulnerability scanners, code analysis tools, etc.
Recommended Certification:
CISSP
CISM
CSSLP
GIAC Cloud Security Automation (GCSA)
Certified DevSecOps Engineer (CDSOE)
Certified DevSecOps Professional (CDP)
DevSecOps Engineering (DSOE)
Certified Ethical Hacker (CEH)
Offensive Security Defense Analyst (OSDA)
Excellent communication and collaboration skills
Strong problem-solving and analytical skills
Proficient verbal and written English
Ability to manage and prioritize tasks
Knowledge of top-level cybersecurity subjects and issues
Ability to research threats and draw up logical conclusions through well-thought-out, unbiased processes
Ability to troubleshoot and solve problems
Ability to learn new technologies quickly
Ability to bring together data from diverse sources and articulate it into simple and concise information
Company Industry
- Recruitment
- Placement Firm
- Executive Search
Department / Functional Area
- IT Software
Keywords
- DevSecOps Analyst And Senior Analyst
Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at abuse@naukrigulf.com
Similar Jobs
Security Architect
ULTIMATE HUMAN RESOURCES SOLUTIONS LLC
- 8 - 14 Years
- Dubai - United Arab Emirates (UAE)
IT Security Operation Engineer - Dubai
Confidential Company
- 3 - 8 Years
- Dubai - United Arab Emirates (UAE)
Senior Specialist Azure - Abu Dhabi
Confidential Company
- 8 - 15 Years
- Abu Dhabi - United Arab Emirates (UAE)