DevSecOps Engineer

Lisboa

Job description

As a DevSecOps Engineer, what are you going to do?

  • Identify security vulnerabilities in the system and implement necessary solutions to remediate the vulnerabilities;
  • Review cloud and on-premises deployment architectures and implement required security controls;
  • Identify manual processes that can be smartly automated;
  • Ensure security best practice is followed and provide solutions to improve existing infrastructure processes in the company;
  • Design & Implement secure software development life cycle;
  • Define applications security architecture elements;
  • Set security best practices for cloud security;
  • Define documentation of security requirements for applications (web, mobile, host, SOA, etc.);
  • Mentor other engineers, define our technical culture, and help build a fast-growing team;
  • Contribute to tool evaluation, selection and recommendation internally
  • Provide advisory to different groups (Business Consultants, Product Management, Professional Services, etc.);
  • Participate in execution of training program for different teams;
  • Work with senior management on defining roadmaps, needs and provide short and mid-term forecasting;
  • Contribute to as a Subject Matter Expert & internal professional community


Requirements

What are the skills and professional experience we’re expecting from you?

  • Master’s degree in computer science, Telecommunications or Information Security;
  • Certifications such as CSSLP, CISSP, CISA, etc. are preferred;
  • Certifications from pentesting vendors (OSCP, CEH,…) are preferred;
  • SAST & DAST tools related education and certificates are beneficial;
  • At least 3 years of experience in the Application Development (DevOps);
  • At least 1 year of experience in Application Security Testing;
  • Hands-on experience in Cloud Environments and on-premises Data Centre;
  • Good skills in at least one or more scripting languages; Python, or Shell/PowerShell;
  • Experience in management and definition of security in the software development lifecycle (SDLC);
  • Working knowledge Agile and primarily DevOps development methodologies.
  • Experience in software development and SDLC in Java, Python, C#, etc…;
  • Knowledge of conducting security checks (static and dynamic code analysis, vulnerability analysis in applications and penetration tests, security component analysis);
  • Understanding or virtualization and container technologies (Docker, Kubernetes, OpenShift);
  • Experience with OWASP Testing Guide v3 / 4 and OWASP TOP 10;
  • Knowledge of securing APIs;
  • Experience in Web and/or Mobile applications and common vulnerabilities;
  • Knowledge of security in micro-services is beneficial;
  • Communications skills including the ability to understand client process in any area in detail;
  • Excellent coordination and communication skills;
  • Business writing skills (capturing needs and writing it down on formal documents);
  • Reliable and with attention to detail.


Benefits

Some of the cool reasons to work with us:

  • Portuguese multinational company, with almost 20 years of expertise;
  • Tech company with amazing products using biometric data, working with singular industries such as Airports and Airlines;
  • HQ in Portugal but with offices spread all over the world;
  • Work in a multicultural environment, with colleagues from every corner of the globe.


Want to apply?

Cargo
Name*
Email*
Phone number*
Linkedin
Upload your CV here* (max. 4MB)
Upload your photo or video here (max. 4MB)
Submit
This site uses cookies from Google to deliver its services and to analyze traffic. Your IP address and user-agent are shared with Google along with performance and security metrics to ensure quality of service, generate usage statistics, and to detect and address abuse.