DevSecOps Engineer

Job Details

Employment Type

Full time

Industry

Information Technology

Salary

AED 18000.00 - 22000.00

Location

Dubai, United Arab Emirates

Job Posted Time

February 29, 2024

Responsibilities:

Collaborate with development, operations, and security teams to integrate security best practices into our DevOps processes and workflows.
Implement and automate security controls and compliance checks throughout the development and deployment lifecycle.
Design and implement secure CI/CD pipelines for building, testing, and deploying software, incorporating security testing tools such as SAST, DAST, and IAST.
Implement and manage infrastructure as code (IaC) using tools such as Terraform, CloudFormation, or Ansible, ensuring security best practices are followed.
Automate security scanning and vulnerability management processes for applications, containers, and cloud resources.
Implement and manage security monitoring, logging, and alerting systems to detect and respond to security incidents.
Conduct security assessments and penetration testing of applications, infrastructure, and cloud environments.
Ensure compliance with industry standards and regulations such as GDPR, HIPAA, PCI-DSS, and SOC 2.
Provide guidance and support to development and operations teams on secure coding practices, security tools, and security best practices.
Stay up-to-date with emerging security threats, vulnerabilities, and best practices, and implement appropriate measures to mitigate risks.

Qualifications:

Bachelor’s or Master’s degree in Computer Science, Software Engineering, Information Security, or a related field.
Proven experience as a DevSecOps Engineer or similar role, with a strong background in software development, operations, and security.
Proficiency in scripting and programming languages such as Python, Bash, or Go.
Experience with cloud platforms such as AWS, Azure, or Google Cloud Platform, including hands-on experience with security services and controls.
Experience with CI/CD tools such as Jenkins, GitLab CI/CD, or CircleCI, and version control systems such as Git.
Experience with infrastructure as code (IaC) tools such as Terraform, CloudFormation, or Ansible, and containerization technologies such as Docker and Kubernetes.
Strong understanding of security principles, standards, and best practices, including OWASP Top 10, CIS Benchmarks, and NIST Cybersecurity Framework.
Experience with security testing tools such as static analysis (SAST), dynamic analysis (DAST), and interactive analysis (IAST) tools.
Experience with security monitoring and logging tools such as SIEM, IDS/IPS, and security information and event management (SIEM) systems.
Excellent problem-solving skills and the ability to troubleshoot complex technical issues.
Strong communication and collaboration skills, with the ability to work effectively in a cross-functional team environment.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.