Cyber Security Engineer

Expleo is seeking a highly skilled and experienced Senior DevSecOps Consultant to join our team in Sweden (located in Gothenburg OR Stockholm).

Our ideal candidate has strong problem\-solving skills, an analytical mindset and the ability to lead the integration of security into the development and operations processes.

If you are a full\-stack engineer looking to expand your skill set, we'd love to hear from you. Join our team today and take the next step in your career!

• DevSecOps Strategy Implementation: Support and implement a comprehensive DevSecOps strategy that aligns with organizational objectives and security standards.


• CI/CD Pipeline Security Integration: Integrate security tools and practices within CI/CD pipelines to automate security checks and ensure continuous security compliance.


• Security Automation and Orchestration: Design and implement security automation scripts and workflows to enhance the efficiency of the DevSecOps process.


• Infrastructure as Code (IaC) Security: Ensure security best practices are embedded in IaC scripts and configurations.


• Container and Microservices Security: Implement security measures for containerized applications and microservices architectures.


• Collaboration and Training: Work collaboratively with development and operations teams to build a strong DevSecOps culture; provide training and mentorship in security best practices.


• Minimum of 3\-5 years of experience in DevSecOps, with a proven track record of implementing security in DevOps environments.


• Expertise in automation and orchestration tools (e.g., Jenkins, Ansible, Chef, Puppet).


• Proficient in cloud environments (AWS, Azure, GCP) and understanding of cloud\-native security principles.


• Good knowledge of containerization and orchestration tools (Docker, Kubernetes) and their security configurations.


• Experience with infrastructure as code (Terraform, CloudFormation) and ensuring the security of IaC.


• Proficient in implementing and configuring security tools such as SAST, DAST, IAST, RASP, and vulnerability scanners.


• Familiarity with secure coding practices and application security standards.


• Strong understanding of network and application security, threat modeling, risk assessment techniques, and cybersecurity frameworks (e.g., OWASP, NIST).


• Knowledge of compliance requirements (e.g., GDPR, HIPAA).

Denna annons kommer från indeed. Visa originalannons ↗