Security Engineer (DevSecOps)

Netsentries FZCO is seeking a Security Engineer with expertise in CI/CD Security (DevSecOps). This role is integral in ensuring the security and integrity of our CI/CD Platform, particularly focusing on DevSecOps and Kubernetes security. A significant aspect of the role involves conducting security assessments, recommending designs and enhancements, troubleshooting.

Key Responsibilities:

• Conduct security assessments and audits within CI/CD pipelines. Familiarity with tools such as Jenkins, ArgoCD and GitHub Actions
• Review and enhance security measures for Kubernetes and container deployments.
• Implement and review security practices in cloud-native environments, knowledge about service mesh architectures, API gateways and the CNCF landscape into DevOps processes.
• Oversee security aspects of orchestration platforms like OpenShift.
• Collaborate with various development teams to bring continuous improvement in DevSecOps processes and tools.
• Develop and maintain security documentation and guidelines for CI/CD pipeline tools and processes.
• Relevant certifications (e.g., Certified DevSecOps Professional (CDP)) are a plus.
• Work Closely with engineering teams to ensure security while architecting and building new systems.

Qualifications:

• Strong background in CI/CD and container technologies.
• Proven experience in securing Kubernetes and containerized environments.
• Proficiency in at least one scripting language: Python, Bash, NodeJS
• Familiarity with OpenShift, ArgoCD, GitHub Actions, Istio, and DevSecOps methodologies.
• In-depth knowledge of containers, Kubernetes, docker, API Gateway, Jenkins
• Ability to design and implement robust security protocols and measures.
• Understanding of network segmentation, Network Policies, Egress policies etc.
• Strong analytical and problem-solving skills.

Soft skills:

• Ability to collaborate with multiple stakeholders and manage their expectations from a security perspective.
• Holistic thinking; must balance security and functionality using practical demonstrable examples. Must also contribute to and implement “good architecture principles” to lower technical debt.
• Assertive personality; should be able to hold her/his own in a project board or work group setting.
• Superlative written and verbal communication skills; should be able to explain technical observations in an easy-to-understand manner.
• Can work independently and self-motivated.

Preferred Certifications:

• Certified DevSecOps Professional (CDP)
• Certified Kubernetes Security Specialist (CKS)
• Any other equivalent certification for DevSecOps