IT SECURITY ENGINEER (DevSecOps)

Place of work: Bulgaria

Talent Hunter is an IT and Telecom Recruitment Company located in Bulgaria ensuring the best professional opportunities for talents in the high-tech industry and providing quick and cost-effective solutions to client companies seeking the best talent for their business.
We believe that each one of us is designing our life through the everyday choices we make.

Licensed by MLSP, license N 2651, valid from 29.10.2018

Our client is specialized in market research and has been a reliable and trusted insight partner for the world’s biggest companies and leading brands who make a difference in every consumer’s life – and they will continue to build on this. They connect data, science, and innovative digital research solutions to provide answers for key business questions around consumers, markets, brands, and media.

As they are expanding their team in Bulgaria, currently we are looking for: IT Security Engineer (DevSecOps)

Main Responsibilities:

• Design, configure, implement and maintain all security platforms and their associated software, such as firewalls (application and database), intrusion detection/intrusion prevention systems, Endpoint Security, SIEM, DLP, and others.
• Daily triage, and update/resolution of tickets generated by the internal ticketing system and respond to inbound phone and electronic requests for technical assistance.
• Execute security risk assessments for new systems and upgrades to determine the impact on information security.
• Participate in and support internal and external technical audits.
• “Shift left” and automate security wherever possible
• Work with engineering squads (Developers, SREs & QAs) to ensure that projects are secure on delivery
• Conduct risk assessments of web applications
• Support security incidents involving Cloud environments and web services
• Assist in maintaining a CMDB of web applications and performing risk assessments of the applications
• Assist with management and tuning of the Web Application Firewall (WAF)
• Provide periodic vulnerability testing and lead remediation efforts.

Qualifications:

• Experience working with Developers, DevOps, and Engineering teams in a dynamic environment to promote/implement the DevSecOps program throughout the organization
• Understanding of network devices like firewalls, routers, etc., and platforms such as Windows, Unix, etc.
• Ability to review and analyze vulnerability data to identify security risks to the organization’s network, infrastructure, and application’s and determine any reported vulnerabilities that are false positives
• Relevant IT background (IT Security Analyst or DevOps)
• A good understanding of securing public cloud technologies (AWS & GCP)
• Full understanding of web stack, web security, and common vulnerabilities (e.g. SQLi, XSS, etc.)
• Proficiency in Bash, Python, Perl, PowerShell, or other scripting languages

Would be a great advantage if you have experience with:

• Ability to work with APIs and plugins to integrate security tools into established CI/CD pipelines
• DevOps Automation using Jenkins, Puppet, Ansible, GitLab, etc
• Experience with securing container technologies including Docker and Kubernetes
• Ability to think like a hacker
• Strong knowledge of OWASP

If you think this is the right challenge for you, please apply for the contact form. Only shortlisted candidates will be contacted!