Facebook pixel

Devsecops Engineer
Posted on 2/19/2022
INACTIVE
Locations
London, UK
Experience Level
Entry
Junior
Mid
Senior
Expert
Desired Skills
Node.js
AWS
Docker
iOS/Swift
Git
Kotlin
Management
Rust
Kubernetes
Python
Writing
Requirements
  • Minimum 4 years working as a DevSecOps Engineer with further hands on experience in security (Such as application security)
  • Bachelor's degree in computer science or equivalent practical experience
  • Security certifications such as CISSP, CEH, SANS, CREST, OCSP, etc
  • Highly experienced at securing Cloud native web applications, mobile applications, infrastructure, etc. and supporting frameworks across e.g. OWASP Top 10
  • Writes code (e.g, Python, Go, NodeJS, Rust, Swift / Kotlin ) and builds tools and integrations
  • Experience with Security tools such asCheckmarx, Snyk, Cloudflare, AWS GuardDuty, AWS Inspector, Crowdstrike, etc
  • Extensive experience with version control and CI/CD pipeline ( gitlab, GitHub, CircleCI, bitrise )
  • Worked on s-SDLC in a large enterprise organization(s)
  • Broad knowledge of the security technologies and capabilities used in an enterprise, particularly in a high growth, cloud based environment
  • Extensive experience with cloud security such as AWS, Kubernetes, Docker, Registries, containers, etc
  • A mix of consulting and industry experience
  • Experience with Bug bounty programmes
Responsibilities
  • Act as one of the central points of contact with the business with regards to the secure software development lifecycle of applications and products
  • Work with key stakeholders to ensure that security is built into the design of applications and products across the business
  • Drive the adoption of DevSecOps throughout the company
  • Integrate and maintain key security controls and technologies for the Security team in order to support DevSecOps
  • Deliver security automation at scale throughout the company to ensure high speed, automated security testing throughout the delivery pipeline
  • Analyse applications and products to identify key security risks, and recommend and drive security improvements using a risk based approach
  • Drive Threat Modelling throughout the engineering teams
  • Support vulnerability assessments and security testing
  • Actively work with engineers to remediate vulnerabilities, where appropriate writing the fixes yourself
  • Support the Security Risk Management function on security policies and standards, security audits, vulnerability compliance, and risk management
  • Work on the product security engagement plan, to educate engineers by scaling up security champions, implementing a framework for security best practice, threat modelling, and security input into design reviews
Deliveroo

1,001-5,000 employees

Takeaway food delivery
Company Overview
Deliveroo's mission is to bring customers a whole world of restaurant-quality food.
Company Values
  • We are customer obsessed
  • We succeed as a team
  • We are relentless
  • We deliver results
  • We get to the bottom of things
  • We simplify
  • We think big
  • We build trust
  • We never say 'it's not my job
  • We are frugal
  • We embrace change
  • We celebrate difference