DevSecOps

Yêu cầu ứng viên Bachelor Degree in information security, computer science.Experience working in an Agile, DevOps/SecDevOps environment.3+ years of experience working in software engineering role.2+ years of experience working in a Security role handling on premise and cloud infrastructures.Experience with security testing at scale by building and implementing static and dynamic analysis tools, integrating security into CI/CD workflows for everyday deployments.Minimum 3 years’ experience with Authentication and Authorization solutions.Experience with static code analysis for software or infrastructure as code, including SonarQube,Terraform.Experience with vulnerability scanners, including Tenable Nessus, Qualys, ...Understanding of secure software development practices - AppSec - Security and/or regulatory experience desired, OWASP 10 and Web Application Security, Mobile Application Security, API Security.Good knowledge of threat modeling, risk assessment techniques, code reviews, and with the latest security best practicesRequire good knowledge of CI/CD tools - Knowledge of GitLab CI/CD, Seleneoid, Jmeter, SoapUI, JunitRequire good knowledge in automatic configuration management tool - Knowledge of Ansible, TerraformRequire good knowledge of automated security tools - SAST, SCA, DAST, IASTGood knowledge of containers and orchestration platforms. Need to know how to create, build, deploy and manage containers in development and production environments - Docker, Kubernetes.Patterns/ Principles - Blue/Green Deployment - Canary Release, Feature FlippingIDE: Eclipse, Visual StudioPublic Cloud services knowledge: AWS, Digital Ocean.Knowledge of Logging & Monitoring tools: ELK, Grafana, DataDog, Prometheus.Experience in developing integration APIs and WebServices (REST/SOAP), API DevelopmentExperience, Knowledge of API Security