DevSecOps Engineer
New
D
DeelSaaS
BrazilFull-TimeMiddle
Salary not disclosed
Apply NowOpens the employer's application page
Job Details
- Experience
- 3+ years in Security, SecOps, or DevSecOps roles
- Required Skills
- DockerPythonGitJavascriptKubernetesTypeScriptCI/CD
Requirements
- 3+ years in Security, SecOps, or DevSecOps roles
- Hands-on experience creating, identifying and fixing infrastructure misconfigurations using policy-as-code and IaC security scanning tools such as Checkov, tfsec, or Terrascan.
- Basic programming skills in JavaScript, TypeScript, Python; experience with version control (e.g., Git) and CI/CD pipelines.
- Manage and tune WAF and firewall configurations (e.g., Cloudflare or equivalent).
- Familiarity with security principles, standards, and best practices, including common vulnerabilities (e.g., OWASP Top 10), secure coding, encryption, authentication, access control, and security testing.
- Proficiency in methodologies and tools, including understanding CI/CD pipelines, infrastructure automation (e.g., Docker, Kubernetes), configuration management, and monitoring/observability.
- Ability to assess risks and apply security controls, encompassing an understanding of threat modeling, risk assessment techniques, vulnerability management, and incident response planning.
- Effective collaboration with cross-functional teams (developers, security, operations), promoting security practices, and integrating security seamlessly into the development process.
- Proficiency in automation tools; knowledge of security scanners (e.g., SAST, DAST), vulnerability management systems, log analysis tools, and security-focused frameworks for automating security processes.
Responsibilities
- Develop and maintain automated security tools and processes to identify vulnerabilities, perform code analysis,monitor systems and conduct security testing.
- Work with infrastructure and operations teams to design and implement secure cloud infrastructure, network architecture, and deployment processes.
- Implement security monitoring tools and processes to proactively identify and respond to security events and anomalies.
- Foster collaboration and communication between development, operations, and security teams.
- Assist in compliance assessments and audits to ensure adherence to regulatory requirements and industry standards.
View Full Description & ApplyYou'll be redirected to the employer's site
