Information Security Engineer – DevSecOps/AppSec
Hybrid work – 2 days in office in Wrocław , 3 days remote
Contract of Employment – full time job
30.000 PLN gross
We are looking for DEVSECOPS fou our Client – one of the bigest Airlines
We are looking for an Information Security Engineer, comfortable in working with minimal supervision. Will perform security architecture reviews of new and existing platforms. Partner with business units, departments providing input on security standard methodologies throughout project-lifecycles. Contribute to the Security program by performing reviews and security audits. Talk confidently about our Cyber Security program, and help integrate our business needs with our Cyber Security needs.
The SecDevOps Engineer provides operational & security expertise in executing technology strategies implementing secure software development measures into CI/CD pipelines and collaborating with dev teams to apply a shift-left security strategy in the development lifecycle.
Your responsibilities will include:
• Contributing features to internally developed Cybersecurity tools and integrating those tools into the DevOps pipelines.
• Oversee development lifecycles and analyze security information related
• Driving continuous improvement to the DevOps pipelines and processes and the Cybersecurity tools, services, and processes.
• Performing technology research from a security context for strategic, tactical, and operational business needs and deliver research results to internal stakeholders.
• Research appropriate security testing tools.
• Whitebox code review of these products, applications, and integrations where appropriate.
• Experience working with Cloud in a security-enabled environment.
• Strong experience with AWS is required.
• Proven ability to work independently, collaboratively as part of a global team and deliver to multiple deployment schedules.
• Proven experience with Web Application Security Testing, Code Reviews, Vulnerability Assessment, Penetration Testing & Generating Reports.
• Experience with (NIST, PCI) security controls, governance & risk management protocols.
• Relevant experience with application security, secure software development, and building security into software development workstreams
Please send your CV to us email@example.com