Are you passionate about IT security? We are looking for a passionate and skilled DevSecOps Engineer to work with our developers and engineers and implement information security and data privacy controls in the Software Development Lifecycle (SDLC). Together with the Cyber Security Team, you will perform the analysis of our internal developed applications and services and propose solutions to protect against the latest threats and vulnerabilities, and define improvement actions.
As a DevSecOps Engineer, you will be in a position to directly influence the work of over 50 engineers across dozens of microservices that process hundreds of thousands of betslips per day through their whole lifecycle!
We're looking for someone with:
- CS or related degree
- Solid development background and progression as a security expert
- Knowledge of how to assess current applications and architecture to determine methods for automating security testing and control validation
- Security testing experience at scale by building and implementing static and dynamic analysis tools, open-source scanning tools, and integrating security into a CI/CD workflow
- Hands-on experience with tools and technologies used throughout secure SDLC (e.g., Burp Suite, AppScan, Fortify/checkmarx/Veracode, WhiteSource/Blackduck)
- Experience with containers and orchestration technology such a Docker and Kubernetes
- Application Security secure software coding practices and OWASP: Open Web Application Security Project
- Experience in web application security
- Passion about information security, eager to continuously learn and develop
Bonus points if you:
- Are experienced with Cloud Security - AWS/Azure/Google Cloud etc.
- Are familiar with DevOps, DevSecOps, and Agile SDLC methodologies
- Know your way around CI/CD processes, toolsets, and version control software like Jenkins, CircleCI, GitLab, GitHub
- Have used DBs such as PostgreSQL, Redis, MongoDB, CockroachDB
- Are familiar with Kafka-based microservices architecture
What you'll be doing?
- Be responsible for enabling a secure-by-default approach
- Working directly with engineering teams as they're building their services and making sure the key security principles are built into the architecture
- Enable engineering teams to scan their code for security issues and penetration testing
- Keep up-to-date on all new security challenges and work with our teams to develop protection mechanism
What do we offer?
- Working on challenging and interesting projects
- Using the latest technologies and tools
- Knowledge-sharing culture
- Competitive salary and bonuses
- Personal education budget
- 23 vacation days
- Flexible working hours
- Remote work whenever you need it
- Additional health care Insurance
- Multisport card
- Team budget
- Great colleagues community
- Travel opportunities
- Parking space
Should we talk? Let's talk!