Employer Active
Job Alert
You will be updated with latest job alerts via emailJob Alert
You will be updated with latest job alerts via emailNot Disclosed
Salary Not Disclosed
1 Vacancy
Our client leading life sciences and medical diagnostics manufacturing client is looking for DevSecOps Architect (100% Remote East Coast). Kindly have a look at the details below and let us know if you are interested in this opportunity.
Job Title: DevSecOps Architect (100% Remote East Coast)
Job Duration: LongTerm Contract (Possibility Of Extension)
Company Benefits include:
Healthcare (Medical Dental & Vision)
Paid Sick leave
401k (with 2% employer match)
We are seeking a highly motivated professional with experience in Security and Privacy to join our dynamic team who will help with threat modeling application security posture management security orchestration vulnerability & weakness assessments to improve resilience of the organization and its product portfolio.
Develop securityascode & policyascode pipelines
Manage vulnerabilities (3rd party) and weaknesses (1st party) in products evaluating the criticality for an adequate prioritization and providing the most suitable remediation working directly with the product teams as a trusted advisor
Conduct vulnerability monitoring (ondemand) vulnerability scanning and other security
testing activities
Contribute to initiatives within the Diagnostic Division to achieve the integration of defense capabilities into the development of new products and in the update/upgrade maintenance and support of existing products in collaboration with Product Support teams.
Develop and automate technical workflows for investigations and assessments for cyber security vulnerabilities and drive onboarding of new products in Vulnerability Monitoring and provide training to relevant stakeholders in the organization regarding Vulnerability Handling and Incident Response.
Develop maintain and continuously optimize processes playbooks and tools for Vulnerability Monitoring Vulnerability Management Incident Response Threat Intelligence and Security Testing.
Evangelize security and privacy developing Security Champions across departments involved in the product development and operations
Maintain the product security controls and awareness supporting other PSPO Chapters (Solution Architecture Product Support and Compliance/Privacy).
Qualifications:
Minimum 3 years of related work experience in SDLC & cloud ops
Demonstrated experience in Cloud computing technologies full stack deployments etc.
Demonstrated experience in K8S AWS or GCP Docker and other cloud native tools
Demonstrated experience in Jenkins/ArgoCD/Tekton or another common CI/CD tool chain
demonstrated skills in Sigstore SBOM SLSA and secure software supply chain management.
Ability to develop Terraform K8S manifests or other forms of infrastructure as code Ability to codify Rego or Cedar policies
Demonstrated experience in SAST & DAST tools (Checkmarx Snyk Mayhem BurpSuite ZAP etc)
Demonstrated experience automating security controls (eg shell scripting python)
Indepth experience in managing information security and privacy risks and threat modeling.
Indepth experience in vulnerability handling pre and postmarket launch
Indepth experience in system and cloud infrastructure hardening
Strong understanding of industry standards: ISO 27000 family and HITRUST
Certifications are a plus: SANS GIAC (GCIH GPEN GCIA GCFA and others) CEH CISSP CISA CISM LA ISO27001.
Would you consider discussing this further If so please send us your availability and updated resume to at your earliest convenience.
Full Time