SecDevOps Analyst

Description

Job Summary: We are seeking a SecDevOps Analyst to integrate security into the software development lifecycle within the financial sector, ensuring secure systems from design through to production. Key Responsibilities: 1. Integrate security into the software development lifecycle 2. Collaborate with development, operations, and security teams 3. Automate and implement security controls using CI/CD We are currently searching for a SecDevOps Analyst to join a technology company focused on the financial sector. Mission Integrate security into the software development and delivery lifecycle, ensuring that systems, applications, and services are secure from the design stage through to production. Act as a bridge between development, operations, and security teams to implement and maintain agile security practices in a DevOps environment. Design and implement security processes within the development lifecycle. Collaborate with development, operations, and security teams to ensure that security best practices are seamlessly integrated into applications and systems. Automate the implementation of security controls using CI/CD (Continuous Integration/Continuous Deployment). Conduct application, infrastructure, and network vulnerability assessments. Perform security testing throughout the software development process, including static and dynamic code analysis. Configure and manage security monitoring tools to detect and respond to security incidents. Investigate and resolve security incidents, providing support during breach response. Develop scripts and automate security tasks to improve efficiency and reduce human error. Implement security tools. Ensure compliance with security and privacy regulations. Propose continuous improvements to security processes and practices. Provide training on security best practices for development and operations teams. A company focused on the financial sector. Designs innovative, digital, and accounting tools enabling more individuals and businesses to operate simply, securely, and effectively. Requirements DevSecOps and integration of security into CI/CD pipelines Vulnerability scanning of code and dependencies Security reviews of pull requests and source code Compliance enforcement within pipelines (e.g., OWASP ASVS, NIST DevSecOps) Static and dynamic code analysis (SAST/DAST) REST API security Benefits Private health insurance for you and your family. Home office expense reimbursement. Annual bonus based on goal achievement. Hybrid position: 2 days onsite, 3 days remote. TCR Travel Program. Ongoing professional development training programs. Language training. Birthday leave, discounts across various brands, additional vacation days, Gympass, and on-call clinical physician.