The Software Developme specialist in DevSecOp s, is a pivotal role focused on identifying and fixing software vulnerabilities, particularly in SCA, SAST, and Tenable, across both legacy and modern software. This role involves systematically applying DevSecOps solutions to address vulnerabilities as they arise. The ideal candidate will develop efficient solutions to enhance our vulnerability management processes. We are looking for developers who specialize in software integration systems and APIs within an Azure, BizTalk, and .NET environment.
Responsibilities
- Analyze the SCA, SAST and server types of vulnerabilities around the integration system, and identify systematic and automated solutions to put in place
- Implement and test the software fixes and / or the DevOps solutions to automate the fixing mechanisms proposed
- Work with the team to integrate test automation tools and mechanisms for API component testing, regression testing.
- Design, implement, maintain and improve CI / CD pipelines for several products, for multiple environments and multiple situations
- Implement proofs of concept (AI, automated workflows, Moderne.ai, etc)
- Work with the business squads to improve their security pipelines, making sure that security scanners, controls, policies and regulations are compliant.
Requirements
10 years in Software Engineering with knowledge of the SDLCStrong knowledge and demonstrated experience in software securityDemonstrated and strong experience in agile projects on Azure DevOpsStrong knowledge in Test Automation Tools, such as Python and Robot Framework, PostmanStrong understanding of automation in general and its benefits (do twice=automate)Knowledge of version control software good practices and GitKnowledge of Terraform and Infrastructure as CodeKnowledge of security SCA and SAST scanning tools like Mend, Snyk, etc.Effective communication skills with ability to understand the squad’s priorities and propose technical decisions tied to prioritiesStrong knowledge of Azure DevOps pipelines (YAML) or similarStrong knowledge of bash or Powershell or other scripting tools to automate actions