Certifications (Desired) CISSP/CISA/CISM/CCSP/CEH/ or other relevant certifications.
10 years of work experience with a minimum of 6 years in DevSecOps
Working experience in cybersecurity and secure coding methodologies.
Previous experience with a strong understanding of secure development tools and languages: Jenkins Gitlab Docker Java Python Ruby Perl Scripting YAML SAST DAST Software Composition Analysis tools Jira Bitbucket etc. as part of DevOps.
Ability to work with APIs and Plugins to integrate security tools into established CI/CD pipelines.
Ability to review and analyze risks associated with opensource code & to detect insecure modules or dependencies used within an application using the SCA tool.
Capability to prepare security vulnerability and risk management
reports for management.
Familiarity with API Security Container Security and Cloud Security concepts.
Demonstrated understanding of the complexity of developing and delivering effective operational solutions to complex business challenges.
Demonstrated ability to analyze complex problems think creatively communicate recommendations and influence change to be able to drive process and structure into an extremely dynamic environment.
Certified in any one of the cloud certifications is preferred (AWS/Microsoft/GCP)
Job Profile
Support the development and maintenance of DevSecOps procedures standards and policies that create a strong baseline of best practices consistently across the organization as a senior manager.
Support the delivery of comprehensive and effective recurring secure
development training and curriculum
Support and enforces information security policies procedures and practices that meet published industry standards.
Ensure compliance with published governance standards through internal audit and independent thirdparty verification.
Support all teams regarding secure development initiatives/roadmaps which materially support the organization.
Maintain and update scorecards to articulate and manage the required compliance of all DevSecOpsrelated KPIs
Collaborate with various development teams to bring continuous improvement in DevSecOps processes and tools.
Manage issues and management decisions to timely resolution.
Work closely with engineering teams to ensure security while architecting and
devsecops,jenkins,gitlab,docker,java,python,ruby,perl,scripting,yaml,jira