Zensar Technologies
This listing was posted on hirist.
Zensar Technologies - Lead DevSecOps Engineer - Vulnerability Assessment Tools
Location:
Pune, Maharashtra
Description:
Summary : The role of a DevSecOps Lead is crucial in integrating security practices within our DevOps methodology, bridging any gaps between IT and security to ensure the swift and safe release of code. This role involves implementing security measures throughout the DevOps pipeline to protect Applications and APIs, ensuring compliance with necessary security standards. Key Responsibilities :- Incorporate security measures into every stage of the DevOps pipeline to protect Applications and APIs.- Implement and maintain controls within the Continuous Integration/Continuous Deployment (CI/CD) pipeline to meet necessary security standards.- Regularly use automated tools for routine security checks.- Gain experience with SAST (Static Application Security Testing), SCA (Software Composition Analysis), DAST (Dynamic Application Security Testing), IaC (Infrastructure as Code) security, Container security, integrating security in IDEs (Integrated Development Environments), and API security.- Facilitate collaboration among development, operations, and security teams.- Develop policies that align with regulations, alongside conducting comprehensive assessments of application/API security.- Educate teams about secure applications/APIs usage, keep up-to-date with cybersecurity trends, ensure adherence to secure design principles across all Software Development Life Cycle (SDLC) phases, manage incident response protocols, and provide training on secure coding best practices.- Utilize automation tools to identify potential vulnerabilities before they become threats.- Evaluate third-party services for potential weaknesses in their security posture.- Additional duties include ensuring that vulnerabilities are remediated before code moves to production and providing guidance on the remediation process for application/API security vulnerabilities.- This role also requires collaboration with Information Security Officers (ISOs), DevOps teams, Application Development teams, Vendor Partners, and Cyber Engineering teams.- Overseeing application/API security strategy is a major part of this role as well as enforcing compliance with internal policies alongside external regulations related to API use.- This position also ensures all systems comply with industry-specific regulations such as GDPR or HIPAA. Experience And Educational Requirements :- Bachelor's degree in IT, Cybersecurity, or a related field, or equivalent work experience.- 8 + years over all , CI/CD Pipelines, Jenkins, Controls, Regulations Security certifications such as CISSP (Certified Information Systems Security Professional), OSCP (Offensive Security Certified Professional), or CEH (Certified Ethical Hacker) would be advantageous.- Minimum 8 years of experience in a similar role within a large, geographically dispersed environment.- Strong understanding of information security principles.- Excellent communication skills: able to explain complex concepts clearly to both technical and non technical stakeholders.- Understanding of industry-standard regulations, risk management, and security controls frameworks and standards (e., ISO, PCI, NIST, GAPP, HIPAA, GDPR, CIS, SANS, OWASP Top 10, MITRE ATT&CK, etc.) Skills Desired :- Understanding of risk assessment methodologies.- Experience with various vulnerability assessment tools (e., Checkmarx, Microsoft Defender).- Strong interpersonal skills , ability to work collaboratively within a team.- Reporting and metrics expertise with platforms such as ServiceNow (SecOps), PowerBI, etc. Working Hours : The candidate must work during US morning business hours, up to 11 AM CST, to provide support to our Business, IT, DevOps, and Application Development global teams. Accordingly, the candidate's working day in India will be from 1:30 PM IST until 9:30 PM IST. (ref:hirist.tech)
Visit Our Partner Website
This listing was posted on another website. Click here to open: Go to hirist
Important Safety Tips
- Always meet the employer in person.
- Avoid sharing sensitive personal and financial information.
- Avoid employment offers that require a deposit or investment.
To learn more, visit the Safety Center or click here to report this listing.
More About this Listing: Zensar Technologies - Lead DevSecOps Engineer - Vulnerability Assessment Tools
Zensar Technologies - Lead DevSecOps Engineer - Vulnerability Assessment Tools is a Engineering Engineer Job at Zensar Technologies located in Pune MH. Find other listings like Zensar Technologies - Lead DevSecOps Engineer - Vulnerability Assessment Tools by searching Oodle for Engineering Engineer Jobs.
Zensar Technologies - Lead DevSecOps Engineer - Vulnerability Assessment Tools is a Engineering Engineer Job at Zensar Technologies located in Pune MH. Find other listings like Zensar Technologies - Lead DevSecOps Engineer - Vulnerability Assessment Tools by searching Oodle for Engineering Engineer Jobs.