Within our Competence Management service, selected professionals don’t just join a project, or position – they become valued members of the SWICON team. Our colleagues are our top priority: we offer personalized support, dedicated attention, and a true professional community – because no one is just a number here. This people-first approach has earned us multiple HR awards. Join us and be part of an inspiring, future-driven, and recognized team!
Introduction
Swicon Group is one of the leading members of the IT arena for almost a decade, since 2017 present also in Romania. Our wide range of services and highly trained professionals give us the opportunity to shape our solutions to fully meet the ideas and wishes of our clients. We are proud to have leading banks, insurance and telecommunication companies, as well as large FMCG corporations and SSCs amongst our highly prestigious partners.
Tasks
As a DevSecOps Engineer, you will play a crucial role in integrating security practices into our software development and operations processes. You will collaborate with development teams, security professionals, and operations personnel to ensure the secure design, development, deployment, and maintenance of our systems and applications.
SecOps Principal duties and Responsibilities:
● Collaborate with cross-functional teams to identify security requirements, define security controls, and embed security into the development and operations processes.
● Collaborate with cross-functional teams, promoting communication, and facilitating the adoption of security practices throughout the development process.
● Conduct security assessments, vulnerability scans, and penetration tests and collaborate with development and operations teams to fix vulnerabilities and ensure secure coding practices are followed.
● Perform regular security audits to identify potential security breaches or anomalies.
● Provide guidance and support to development teams in implementing secure coding practices, secure configuration management, and secure deployment strategies.
● Stay up to date with the latest industry trends, security threats, and best practices related to DevSecOps, and recommend improvements and enhancements to security practices.
● Participate in threat modeling exercises to identify potential security risks and vulnerabilities in software applications or infrastructure.
DevOps (Optional) duties and Responsibilities:
● Design, develop, and implement secure DevOps practices, processes, and toolchains to integrate security into the software development lifecycle (SDLC).
● Implement and maintain security monitoring and incident response capabilities to detect and respond to security incidents.
● Develop and maintain secure infrastructure configurations, including network architecture, access controls, and authentication mechanisms.
● Automate security controls and processes to enable continuous integration, continuous delivery, and continuous deployment (CI/CD) pipelines.
● Collaborate with the operations team to ensure the secure operation and maintenance of infrastructure, platforms, and applications.
Expectations
Qualifications:
● Bachelor’s degree in computer science, Information Security, or a related field (or equivalent work experience).
● Proven experience working as a DevSecOps Engineer or in a similar role.
● Strong knowledge of secure software development practices, secure coding principles, and secure configuration management.
● Cloud Automation including Terraform and Cloud Formation.
● Experience with DevOps methodologies, tools, and processes, including CI/CD pipelines and infrastructure-as-code (IaC).
● Familiarity with security technologies and tools, such as vulnerability scanners, penetration testing tools, and security information and event management (SIEM)
systems.
● Solid understanding of network security, authentication mechanisms, access controls, and encryption technologies.
● Experience with Azure cloud platform and associated security controls.
● Knowledge of containerization technologies (e.g., Docker, Kubernetes) and their security considerations.
● Strong scripting and automation skills (e.g., Python, PowerShell, Bash).
● Certifications such as Certified DevSecOps Professional (CDP), Certified Secure Software Lifecycle Professional (CSSLP), or Certified Cloud Security Professional
(CCSP) are a plus.
● Excellent problem-solving skills and the ability to work effectively in a fast-paced, collaborative team environment.
● Strong communication skills with the ability to convey complex security concepts to technical and non-technical stakeholders.
Advantages
- Excellent learning opportunities! Variety in your work and a fantastic, informal work atmosphere.
- A challenging environment that will stimulate you to grow as a professional!
- A great foundation for your career!
- Grow with us! Your role will develop over time, so you can increase your experience and responsibilities. So, you can advance faster and further in your future career.
- A friendly and welcoming work environment with an international working atmosphere where you can practice and learn new language skills with a diverse mix of colleagues and clients.
- A dynamic work environment with a culture that is open, innovative, and performance orientated.
Employer's offer
remote position and B2B possibility
Tags