What are the responsibilities and job description for the Devsecops Engineer position at Cynet Systems?
Job Description:
Responsibilities:
Responsibilities:
- Design and implement secure cloud-native architectures with a focus on Istio service mesh and Kubernetes container orchestration.
- Harden and secure containerized workloads and microservices using best practices.
- Leverage Terraform for infrastructure as code (IaC) deployments, ensuring security is baked into the process from the start.
- Implement security controls and monitoring solutions to detect and respond to potential threats.
- Collaborate with security and compliance teams to ensure adherence to industry standards and regulations.
- Conduct regular security audits and penetration testing to identify vulnerabilities and recommend remediation strategies.
- Develop and maintain documentation for security policies, procedures, and incident response plans.
- DevSecOps Integration: Integrate security practices and tools into the CICD pipeline to automate security testing and vulnerability scanning.
- Implement and maintain security tools for code analysis, dependency management, and vulnerability tracking.
- Promote a culture of security awareness and collaboration within the development and operations teams.
- Participate in incident response activities, including investigation, containment, and recovery.
- Analyze security incidents and identify root causes to prevent future occurrences.
- Hands-on Experience: Strong practical experience with Istio service mesh, Envoy proxy, Kubernetes, and Terraform.
- Proficiency in security penetration testing methodologies or automated API testing tools.
- Familiarity with cloud security best practices and cloud-native technologies.
- Understanding of security principles, vulnerabilities, and mitigation techniques.
- Knowledge of industry security standards and compliance regulations.
- Experience in conducting security audits and vulnerability assessments.
- A strong desire to stay abreast of the latest security trends and technologies.
- Enthusiasm for sharing knowledge and promoting security best practices within the team.
- Ability to effectively communicate complex security concepts to technical and non-technical stakeholders.
- Excellent teamwork and collaboration skills, working effectively with cross-functional teams.
- Experience with cloud platforms such as AWS, Azure, or GCP. Programming/scripting skills (Python, Java, Bash, etc.) Certifications in security and cloud technologies.
