DevSecOps - Life Insurance Project

Job Purpose The Senior Engineer, DevSecOps is responsible for providing communication, integration, automation, and fluid cooperation between all cross-functional teams to plan, develop, test, deploy, release, and maintain a solution; executing the design, implementation, automation, and enhancement of the Continuous Delivery/Continuous Integration pipelines that represent the DevSecOps ways of working, workflows, and git operations to deliver functionalities from proof of concepts to an on-demand release of value to the end user. Key Accountabilities Main work: - Continuous Delivery Through DevSecOps Factory: + Build, map and optimize the delivery of Continuous Delivery pipelines by addressing key elements such as: Process time, Lead time, Delay time, Percentage of completion and accuracy. + Continuous Exploration by analyzing and researching the development and implementation of new technologies/features; modification and improvement of existing architectures; define and prioritize activities in the platform backlog according to its needs. + Continuous Integration by building, integrating features, bugs fixing the new versions of services and platforms; automating end-to-end testing and validating application services on non-production environments. + Continuous Deployment of services and platforms from non-production all the way to production. + Release applications/services features fast, efficiently, and first to market on demand of business. - DevSecOps Factory: + Build, implement, improve and measure DevSecOps factory: Tools Chain, Culture, Ways of Working, Mind Set + Build, automate, enhance, and integrate security governance: Application and platform continuous security monitoring; API security Testing; Penetration testing; Protocol Fuzzing; Threat Modeling. Key Accountabilities (2) Optimization and compliance: - Implement and enhance automated Test and Verification, with: + Verification of expected business value. + Defects found and fixed immediately (Roll forward) - Increase visibility with automated generation of Information and Reporting, by providing: + Dynamic self-service of information + Customizable dashboards + Cross-reference across organizational boundaries - Engage stakeholders early and consistently throughout the SDLC, leading to few defects and incorrect requirements. - Build trust between software engineering and IT, enable organic process improvement and risk mitigation. - Maximize business value by enabling technical staff to adapt to changing requirements or environmental factors. - Ensure that team members fulfill their commitments on service quality and comply with the Bank's regulations and policies.