DevSecOps – London

DevSecOps | Contract | Central London

The Purpose of this role is to work with the Development team to design and develop a greenfield digital product, with a keen eye for scalability. You will shape the information security landscape and implement the application IT controls, providing design review and approval for new products and services.The Purpose of this role is to work with the Development team to design and develop a greenfield digital product, with a keen eye for scalability. You will shape the information security landscape and implement the application IT controls, providing design review and approval for new products and services.

Specifically this role will focus and responsibility will be the following themes:
* Act as the subject matter expert for securing application development across a range of platforms (iOS, Android, Cloud Infrastructure)
* Conduct rapid risk assessments as part of the development life-cycle to consider control implementation during development
* Ensure the confidentiality, integrity and availability of a DevOps Pipeline (including technologies such as Code Repositories, CI, Containers, Orchestration platforms)
* Develop the protection mechanisms inherent in native cloud environments, particularly AWS (e.g. CloudTrail, GuardDuty, IAM rules, virtual network setup)
* Ensure that API integration is conducted in a secure manner
* Develop Security test cases to implement into CI tooling
* Monitor and test the development and production environment through a range of static, dynamic and semi-automated vulnerability or penetration testing
* Ensure security stories are fed into the backlog and developed as part of sprints
* Apply OWASP ASVS standards
* Remain at the forefront of technology and strive to remain current

Experience:
– Significant experience in IT security threats and control strategies, particularly within a mobile and cloud-based environment.
– Demonstrable experience of working effectively in an agile DevSecOps environment
– Experience within FinTech or start-up environments are beneficial but not a must.

Personal Skills:
– Passionate about working as part of a team to develop a product from scratch
– Ability to make pragmatic decisions surrounding security controls and can defend logic when tested

Qualifications:
– The following certifications may assist you in role
– AWS Certifications (Developer, Architect)
– OSCP/OSCE
– Java/Swift development experience

DevSecOps | Contract | Central London

This job ad was posted by Salt. To find out more about Salt’s Privacy Policy and how your application is processed, please visit our website https://welovesalt.com/privacy-policy/.