We are seeking a highly skilled and experienced Principal DevSecOps Engineer to join our team. As our Principal DevSecOps Engineer, you will play a critical role in shaping and implementing secure DevOps practices across our organization. You will lead the design, development, and implementation of secure DevOps pipelines, integrating security measures seamlessly into our software development lifecycle. The ideal candidate will have a strong background in DevOps, deep knowledge of cybersecurity principles, and a passion for driving innovation in secure software delivery.
This role will require a person that is comfortable researching, implementing, mentoring, and presenting ideas and opportunities across teams in multiple locations globally.
What You'll Do
Lead the design, development, and implementation of DevOps pipelines with a focus on security best practices. Ensure that security is integrated throughout the software development lifecycle (SDLC). Develop automation scripts and tools to streamline security processes, including vulnerability scanning, code analysis, and security testing. Implement automated checks into CI/CD pipelines to enforce security standards. Collaborate with cross-functional teams to define secure architecture patterns and design principles. Provide guidance on security requirements for infrastructure, applications, and microservices. Work with our Global Information Security team to conduct threat modelling exercises to identify potential security threats and vulnerabilities. Perform risk assessments and develop mitigation strategies to address security risks effectively. Promote security awareness and best practices across the organization through training sessions, workshops, and documentation. Mentor junior team members on secure coding practices and DevSecOps methodologies. Keep abreast of the latest cybersecurity threats, vulnerabilities, and industry best practices. Evaluate emerging technologies and tools to enhance the security posture of our DevOps environment.
What We're Looking For
A strong background in DevOps, DevSecOps, working as a DevSecOps Consultant, Engineer, Architect or similar. Expert level of software security and development practices and implementations. Expert level knowledge and experience of Kubernetes, on-prem and on cloud providers. Expert level of Cyber Security experience. Solid understanding of security protocols, cryptography, authentication, authorization, and security. Proven track record creating a common architecture vision and implementing the strategic alignment across multiple teams. 5+ years of demonstratable and significant experience of implementing Docker and Kubernetes in an enterprise environment. 5+ years of experience of delivering CI/CD pipelines to automate everything. Strong interpersonal, verbal, and written communication skills, with the ability to develop and conduct presentations to peers and management teams. Self-directed with the ability manage own work and life balance.
Even if you don't tick every box, if you think the role would be a good match with your skills we would still love to hear from you.
