DevSecOps Sr

Packer, TeamCity, K8s, Terraform, 

AMI definitions, Kick Images building, images are K8s, Infra Automation

-Experience on AWS Security Hub

-Good experience on Security best practices, hands on.

-Experience designing and implementing security measures for CI/CD.

Design and implement security measures for Continuous Integration/Continuous Deployment (CI/CD) pipelines. 

Design and implement Threat Modeling. 

Design and implement processes for Vulnerability Management within the software development lifecycle. 

Implement Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) & Static Code Analysis (SCA). 

Conduct threat modeling and Application Risk Analysis (ARA), considering technical design and infrastructure. 

Design and implement procedures for executing Security as Code. 

Implement and adhere to security frameworks such as DSOMM, SAMM, and Cloud Security, ensuring compliance with architectural security guidelines. 

Establish and implement a Zero Trust Framework to enhance security posture. 

Implement Fuzz Testing and Penetration Testing. 

Establish Digital Signatures to ensure the integrity and authenticity of components. 

Participate in the creation of technical user stories, incorporating security design principles and requirements in collaboration with the Infrastructure Engineer and Product Owner. 

Applies Security configurations during Deployment and Operation to ensure secure operations. 

Execute Continuous Security Scans to identify real-time security issues. 

Applies Security Patches and Policies according to Infrastructure. 

Implement Continuous Monitoring to identify and respond to security threats. 

Perform periodic Security Analysis to evaluate the effectiveness of security measures.