We are looking for highly skilled and experienced DevSecOps Engineer to drive the orchestration and automation of all security, IT and Cloud activities within Group IT, further advising and consulting into divisions around the benefits of development automation, security automation and providing guidance as a subject matter expert in the area of DevSecOps.
The DevSecOps Architect is a key technical role within the DevSecOps function and is responsible for implementing secure modern business solutions supporting Cloud, Mobile, Integration, Development and Data solutions. The individual will participate as a technical expert for supporting secure applications within Group IT as well as selective SaaS divisions. The specific responsibilities will vary from project to project, providing excitement and variety, but also requiring flexibility and adaptability to learn as well as acquire new skills in support of leading edge technologies.
The candidate will work closely with the IT Steering Committee, Group IT and Development and Business Architects and Data Architects of the various divisions across the organization to leverage their expertise and ensure project solutions are in alignment with overall business and technology strategies for Development, Security and IT Operations.
Primary Responsibilities for the Role
- Research and identify solutions to software and hardware issues
- Deliver a “Center of Excellence” for Information Security, offering internal consultancy, advice and pragmatic assistance on DevOps risk and control matters throughout the organization and promoting the advantages of managing Information Security risks more efficiently and effectively through secure DevOps processes.
- Work with department heads and other managers to champion the priority of DevSecOps initiatives
- Assist with the identification and investigation of emerging technologies and associated migration paths to provide cost-effective and scalable solutions
- Development and integration of security services that span network and application security, vulnerability and patch management, an incident the response, digital forensics, automated source code analysis, and cybersecurity investigations
- Have an automation first approach to application and infrastructure deployment, setup, and configuration
- With infrastructure as code approach, you will architect, design and help implement highly automated deployments to support our global operational model
- Automate and regularly review/optimize our CI processes and tools
- Continue to deepen your scripting, coding and system administration skills and apply them to increase operational efficiencies, reducing the need for manual processes
- Function as an internal consulting resource on secure DevOps practices
- Provide strategic guidance for projects and products, including the evaluation and recommendation of technical controls and solutions for the CI/CD pipeline
Minimum Qualification and Experience Requirements
- Bsc degree in Information Technology, Computer Science or relevant field.
- Relevant education and certification in IT Security & Security Best Practice
- Relevant education and certification in Cloud Services, preferably Amazon.
- At least 4+ years’ experience with automating build, deployment and configuration of complex applications
- Experience with security architecture design principles
- Experience with automated deployment of highly scalable and available cloud (ideally Amazon Web Services), hybrid and on-prem based services
- Exposure to containers, micro-services, workload templates and automation on different platforms
- Good working knowledge of infrastructure design, including network, storage and compute layers
- Knowledge and experience across the SDLC
- Demonstrated testing and quality assurance experience
- Be a strong advocate for a Dev SecOps culture with our Development, Operations and Engineering teams
- Problem solving ability to analyse and resolve complex infrastructure resource and application deployment issues.
- Enjoy working in a rapidly evolving, entrepreneurial, technology and service-driven, client-focused environment.
- Displays strategic thinking ability and excellent conceptual skills.
- Demonstrate a strong ability to engage with various stakeholders, have a team-based approach and work towards shared goals and outcomes.
- Be passionate about the quality of services that you are responsible for
- Display attention to detail and the ability to present ideas in a tangible form
- Ability to communicate design rationale and use your influencing skills to build consensus
- Ability to map business needs to technology solutions
- Must have a solid understanding of DevOps technology and Information Security
- Good knowledge of security risks and preventative controls
- Interpersonal skills with the ability to develop strong relationships
- This position must be ardently attuned to security news, trends, risks, and events and be able to understand vulnerabilities and exploit code
- sufficiently to understand security implications and assess their impacts.
- Maintain up-to-date knowledge of security threats, countermeasures, security tools, and network technologies as they relate to DevOps
Specific Technologies Experience
- Proven experience within Linux and Microsoft technologies
- Strong Scripting skills (bash, python, PowerShell)
- Relational Database Experience with some T-SQL capability (MSSQL, MySQL, Oracle, working with large transactional datasets in some instances)
- Container technologies (Docker) and Container Orchestration (Kubernetes, Rancher etc)
- CI/CD Tools (octopus deploy, Team City, Jenkins)
- NoSQL database experience (MongoDB, Redis, MemcacheDB)
Contact Person: Nomzamo Skosana
Vacancy Status: Open
- Experience with AWS cloud technologies, Azure experience also considered.