£650 - £700 per day
End: 31st Dec 2019
Rate: £650PD - £700PD
We are looking for a highly technical DevSecOps Consultant who has strong a Dev background, who can shape and advise on the development of a DevSecOps within a dynamic and rapidly changing truly global organisation.
The successful candidate must have previously built and defined a Dev/Security function.
*Work with senior security leadership to build a DevSecOps function.
*Help to develop the DevSecOps policies/procedures and documentation supporting the defined strategy.
*Advise and support Products, Projects and Programmes in DevSecOps methods and leading practice.
*Define policy for the security of CICD, (such as answering the question, what code can/cannot pass through gates
*Evaluate, recommend and support the implementation of:
oEffective security code scanning solutions;
oSecrets management solution;
oSecure use of open source code;
oIntegration of enterprise identity governance solution;
oSecuring Serverless architecture
*Strong Dev background, with the ability to communicate with highly technical DevOps engineers.
*DevSecOps thought leader, with the ability to communicate clearly and with authority to senior technical and non- technical leadership member.
*Security Scanning tools (e.g. Blackduck).
*Secret management tools (e.g. AWS secrets management).
*Security Serverless architectures (e.g. Azure Lambda).
*Deep understanding of Cloud Security.
*Demonstratable experience securing APIs, Container Security, Cloud Security.
*Demonstratable experience securing of Salesforce, SAP and other enterprise systems.
*Programming languages (Python, Java etc.).
*Deep knowledge of InfoSec frameworks (e.g ISO27001, NIST, PCI DSS etc).
*DevOps container/orchestration tools (Kubernetes, Docker, Puppet etc).