DevSecOps Engineer

Summary

Hazeltree is a global leader in cloud-based treasury solutions. Join our dynamic Information Security Team as DevSecOps Engineer.

The ideal candidate will be motivated, ambitious and have at least 3 years of experience. In this role, you will be accountable for the automation of processes to safeguard our infrastructure and applications by integrating security practices into our DevOps pipeline and IT Operations. You will work at the intersection of operations, security, and development, collaborating closely with other teams to ensure the security of all critical business operations by design and default.

Responsibilities

• Support and extend existing development-secured CI/CD pipeline.
• Support to development team with development infrastructure.
• Support of AWS Infrastructure for clients and VDI’s for internal operations.
• Maintenance of highest standards of security configuration, access management, and Incident response on cloud platform.
• Automating AWS infrastructure builds following CIS hardening standards.
• Support all critical BAU operations for windows and Linux based environments.
• Assess SAST and DAST scans and work with the development team to implement remediating or mitigating controls.
• Monitor Infosec, servers, firewalls, and application-related alerts and liaise with relevant teams to avoid impacting business operations.
• Continuous Monitoring of internal and Third-party Information security controls.
• Support business to stay in compliance with ISO 27001:2022, SOC1 Type2 and SOC2 Type2 industry standards.

Technical skills

• Good knowledge of Microsoft platforms like Office 365, IIS, .NET, Web Services, SQL Server, Windows Servers & Active Directory.
• Hands-on experience working in AWS or any other cloud-based solutions.
• Good understanding of secured Software development lifecycle with proficiency with CI/CD platforms.
• Strong Knowledge of scripting language PowerShell will be highly beneficial.
• Good Experience with Cloud-based security platforms like email security gateway, Identity Management, Endpoint Security, & Threat Management.
• Good experience on Cloud-based ITSM platforms like Atlassian (Ideally Jira automation), Service Now, etc. Understanding of the processes and procedures will be critical here.
• Good Understanding of Network security protocols, firewalls, Vulnerability management and threat management platforms.
• Proven experience in Incident Management processes, report writing, KPI and KRI monitoring.
• Understanding of security best practices, frameworks and methodologies like OWASP, CIS etc.

Soft skills

• Proficient in analytical and problem-solving abilities.
• Proficient in explaining intricate security topics to technical and non-technical stakeholders, with exceptional communication skills.
• Experience working in cross-functional teams and a collaborative mindset.
• A dedication to the provision of high-quality solutions and meticulous attention to detail.
• Should have the capacity to remain composed, adapt, and think strategically in high-pressure situations
• A robust sense of accountability for safeguarding the confidentiality of both internal and external data and adherence to privacy regulations.
• Maintaining the utmost ethical standards and integrity will be essential.

Qualifications:

• Experience: 3 years in DevOps or DevSecOps role.
• Bachelor’s in computer engineering or equivalent
• AWS Certified DevOps, AWS solutions Architect, AWS SysOps Administrator, Certified DevSecOps or any other security related certifications will be plus.

Position available in London and New York. If you have what it takes, please send your resume to careers@hazeltree.com.