We are looking for a DevSecOps Engineer to join our Kharkiv team!
As a DevSecOps Engineer, you will integrate tools and analyze the security of GeoGuard’s data, systems, and applications. You will enjoy leading the discovery and remediation of security issues, collaboration with development, QA and analytics teams and the assessment of designs against relevant security threats. This position will provide you with a challenging opportunity to learn and grow.
The candidate should have a solid knowledge of AWS, GCP, Linux, security scanners.
As a DevSecOps, you should be ready to make the deployment plan for the solution, provide details about advantages and weak spots of the proposed solutions/technologies. The person we are looking for is a security-minded engineer.
Skills and qualifications:
— 3 years’ relevant experience as Security Engineer, DevOps OR DevSecOps
— Experience with cloud security and AWS infrastructure
— Developing, integrating, and enabling security engineering test automation into a CI/CD pipeline
— Experience with any of the application security tools as Checkmarx, Sonatype, OWASP ZAP, Portswigger Burp, IBM AppScan, HP WebInspect, or Acunetix
— Know and recognize application security issues such as cross-site scripting, cross-site request forgery, authorization, injection attacks, etc.
— Comprehensive knowledge of security and compliance is required
— Intermediate written and spoken technical English enough to discuss issues with teams remotely
— You leverage industry security standards and organizations such as, NIST, SOX, and OWASP
— Motivating compensation: high competitive salary, bonus system, corporate language classes
— Personal development plan for each employee
— The chance to work with a motivated and talented international team
— Medical insurance
— Modern office space in the center of Kharkiv, near subway station “Naukova”
— We’re always stocked up on snacks and coffee and have free lunches monthly
— Frequent team building events
— Plan new infrastructure security requirements, maintain current infrastructure and ensure security automation scripts are adequately planned for and created
— Write and maintain guidelines outlining steps required to prepare and support the environments from the security perspective
— Perform security monitoring of servers and applications
— Collaborate with development and analytics teams to troubleshoot software-related issues
— Threat model and review new application and infrastructure designs
— Detail Security requirements and recommendations for new application features and applications
— Assess third party vendors for security vulnerabilities
— Write security tests for applications
— Manage the life cycle of application security vulnerabilities
— Enhance the application security practice through automation and process
— Work with incident response teams to identify potential threats and properly handle application security incidents
GeoGuard is the global market-leader in the detection of location-based fraud. Working at the bleeding edge of technology, with Silicon Valley’s most famous names as our customers and partners GeoGuard, is seen as the best; and only wants to hire the best.