Netsentries FZCO is seeking a Security Engineer with expertise in CI/CD Security (DevSecOps). This role is integral in ensuring the security and integrity of our CI/CD Platform, particularly focusing on DevSecOps and Kubernetes security. A significant aspect of the role involves conducting security assessments, recommending designs and enhancements, troubleshooting.
Key Responsibilities:
- Conduct security assessments and audits within CI/CD pipelines. Familiarity with tools such as Jenkins, ArgoCD and GitHub Actions
- Review and enhance security measures for Kubernetes and container deployments.
- Implement and review security practices in cloud-native environments, knowledge about service mesh architectures, API gateways and the CNCF landscape into DevOps processes.
- Oversee security aspects of orchestration platforms like OpenShift.
- Collaborate with various development teams to bring continuous improvement in DevSecOps processes and tools.
- Develop and maintain security documentation and guidelines for CI/CD pipeline tools and processes.
- Relevant certifications (e.g., Certified DevSecOps Professional (CDP)) are a plus.
- Work Closely with engineering teams to ensure security while architecting and building new systems.
Qualifications:
- Strong background in CI/CD and container technologies.
- Proven experience in securing Kubernetes and containerized environments.
- Proficiency in at least one scripting language: Python, Bash, NodeJS
- Familiarity with OpenShift, ArgoCD, GitHub Actions, Istio, and DevSecOps methodologies.
- In-depth knowledge of containers, Kubernetes, docker, API Gateway, Jenkins
- Ability to design and implement robust security protocols and measures.
- Understanding of network segmentation, Network Policies, Egress policies etc.
- Strong analytical and problem-solving skills.
Soft skills:
- Ability to collaborate with multiple stakeholders and manage their expectations from a security perspective.
- Holistic thinking; must balance security and functionality using practical demonstrable examples. Must also contribute to and implement “good architecture principles” to lower technical debt.
- Assertive personality; should be able to hold her/his own in a project board or work group setting.
- Superlative written and verbal communication skills; should be able to explain technical observations in an easy-to-understand manner.
- Can work independently and self-motivated.
Preferred Certifications:
- Certified DevSecOps Professional (CDP)
- Certified Kubernetes Security Specialist (CKS)
- Any other equivalent certification for DevSecOps