Vakansiyanın detalları
- Əmək haqqı: Razılaşma yolu ilə
- Kateqoriya: Development (Proqramlaşdırma)
- CI/CD Python Gitlab
Vakansiyanın təsviri
- Integrate security practices into development and operations processes to create a secure and efficient CI/CD pipeline;
- Automate security processes throughout all stages of the software development lifecycle (SDLC);
- Develop and maintain tools and scripts for security task automation, including static and dynamic application security testing (SAST/DAST), infrastructure vulnerability analysis, secrets management, and compliance-as-code;
- Participate in designing and implementing secure infrastructure for on-premise solutions;
- Configure and maintain security monitoring and incident response systems;
- Conduct vulnerability assessments and participate in remediation processes;
- Develop and implement security policies and procedures for DevOps teams;
- Train and advise development and operations teams on security matters;
- Participate in selecting and implementing security tools;
- Ensure compliance with security requirements and regulatory standards;
- Monitor and analyze security logs;
- Participate in security incident investigations;
- Continuously study new security threats and DevSecOps best practices.
Xüsusi tələblər
- Proven experience as a DevSecOps Engineer, Security Engineer, or DevOps Engineer with a security focus (3+ years);
- Deep understanding of DevOps and DevSecOps principles;
- Experience with CI/CD tools (GitLab CI);
- Practical experience with static and dynamic code security analysis tools (SAST/DAST);
- Experience with infrastructure vulnerability analysis tools (Nessus, OpenVAS);
- Knowledge of principles and experience with secrets management systems (HashiCorp Vault);
- Experience with security monitoring systems and SIEM (Splunk);
- Knowledge of network security principles (firewalls, WAF, IDS/IPS);
- Experience with containerization systems (Docker, Kubernetes/OpenShift) and their security;
- Knowledge of scripting languages (Python, Bash, PowerShell);
- Understanding of Infrastructure as Code (IaC) principles and experience with relevant tools (Terraform, Ansible);
- Knowledge of key security standards and practices (OWASP Top 10, CIS Benchmarks);
- Experience with version control systems (Git);
- Ability to automate routine tasks;
- Strong diagnostic and problem-solving skills;
- Ability to effectively interact with development and operations teams;
- Proactivity, responsibility, and commitment to continuous development in security.
Müraciət etmək üçün: [email protected]
Yeni vakansiyaları operativ almaq üçün Telegram-kanalımıza qoşulun
