Work together with **DevOps engineers** to incorporate security tools/scanners seamlessly into their development pipelines.
- Create user-friendly and versatile solutions that can be easily used by DevOps engineers who utilize a wide range of technologies in their pipelines. For instance, developing templates for **GitLab CI/CD** or shared libraries for **Jenkins**.
- Automate regular security scans by developing automation mechanisms, such as Jenkins jobs, to schedule and execute scans automatically.
- Provide ongoing support for existing solutions like GitLab CI/CD templates, Jenkins jobs, and shared libraries. This involves addressing bugs reported by DevOps engineers, adding new features, making various improvements (e.g., enhancing performance), and integrating new system components.
- Support the infrastructure for on-premises security tools/scanners, which includes keeping the underlying operating systems up to date, installing vendor updates, restoring tools in case of failures, and scaling by deploying additional tools or machines.
- Design, develop, and support communication channels for engineering teams to receive feedback from the security tools/scanners. This may involve creating dashboards, integrating with JIRA, or providing other interfaces to enable status updates.
- Collaborate with security tools/scanners vendors to resolve any issues that may arise.
- Conduct trial/demo installations when considering the purchase of new security tools.
The mentioned security tools/scanners encompass SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), and SCA (Software Composition Analysis), among others.
Opportunity to grow|International environment
- Profound understanding of **CI/CD processes and their implementation.**:
- Proficiency in scripting languages to automate tasks, regardless of the programming language used.
- Strong system administration skills, both in** Windows and Unix** environments.
- Hands-on experience with **Docker and containerization.**:
- Sound grasp of concepts related to git repositories, especially GitLab, including branches, commits, and merge requests.
- Prior experience in developing with **GitLab CI/CD.**:
- Proficiency in creating and managing **Jenkins** jobs.
- Abilities to work with and retrieve data from REST APIs.
- Familiarity with secure software development lifecycle principles, such as **OWASP SAMM.**:
- Knowledge of **OWASP DevSecOps Guidelines.**:
- Understanding of the GitOps approach and practical experience with the Argo CD tool.
- Previous experience in modifying or creating rules for security scanners.
International leading provider of business communications, located in Valencia and with offices across the world.
- Salary up to €70.000 annual gross.
- Hybrid work model: 3 days at the office and 2 days remotely.
- Opportunity to join an international team (USA, China, Spain...).
- Oppotunity to join immediately.
As a DevSecOps (Security Automation Engineer) you will join an international team of 8 profesionals and you will be work with the integrations tools into CI/CD.
DevSecOps - Valencia - Hybrid work model