Apply now »

Domain Expert - Systems

Location: 

Mumbai, MH, IN

Areas of Work:  Systems
Job Id:  12829

Job Purpose:

DevSecOps Domain Expert needs to well versed with DevOps processes, Application Security and automation processes and ensuring the security, efficiency, and reliability of DevSecOps processes. You will play crucial role in embedding security with CI/CD pipeline and ensuring the best practices are followed across the development life cycle / change management processes.  Additionally, expertise in Process Automation is a plus, to enhance productivity, consistency, and speed.

Business Responsibility Areas:

 

  • DevSecOps:

    • Needs to well be versed with DevOps processes, Implement, and manage security automation practices with DevOps pipelines to ensure secure software development and deployment.

  • Application Security:

    • Identify, assess, and mitigate vulnerabilities in application and to ensure adherence to security policies, standards, and guidelines.

    • Needs to conduct threat modeling, vulnerability assessments and risk analysis for DevSecOps processes to identify security gaps and recommend solutions.

  • Collaborate with Development & Security Teams: 

    • Provide security guidance to developers and ensuring secure coding practices are followed and review security standards with team.

    • Embed Security best practices in SDLC life cycle.  Training and mentorship to developers for on secure coding principles. 

  • Automation & Tooling:  

    • Design, build and maintain automated pipeline with integrated security tools like SAST, DAST, vulnerability management.

  •  Monitoring and Governance

    • Establish monitoring systems for DevSecOps onboarding, deployment, and runtime application security.

    • Collaborate on incidents, response and investigations related to application security.

    • Document and maintain policies and procedures for secure development and deployment.

  • Continuous Improvement:

    • Stay updated on industry trends and emerging technologies in DevSecOps, Application security. Identify opportunities to enhance security, efficiency and scalability of current process and systems.

 

Qualifications:

BE (Comp Sc. / IT), Master’s Degree(Comp. Science/IT), MCA

 

Previous Experience:

  • 8+ years of overall experience with 3+ years of experience in DevSecOps, Application security

  • Proficiency in CI/CD tools (like Jenkins, GitLab, etc) and security tool (likeF5, Fortify, SonarQube etc)

  • In-depth understanding of secure coding practices, application security testing methodologies.

Apply now »