Cybersecurity – SecDevOps Specialist

We are trusted and recognized for our thought leadership by using innovative (security) technologies and help organizations in using innovative technologies in a secure way.

Our mission is to add value to the (innovative) digital business transformation of our clients by providing security advice, implementation, and operation.

Skills and Requirements:

The security consultant we are looking for has a basic knowledge of:
– the OWASP top 10
– the SSD standards framework of the CIP
– security testing and creating test scripts
– risk management within the SDLC
– risk-based testing
– reviewing security requirements within a user story or feature from a security perspective
– security (test) tooling, such as Burpsuite, Zapp, Nessus, Checkmarx and SonarQube
– secure coding

– translate the SSD standards framework into hands-on measures for applications
– involve the customer in the security (SSD) mindset

-Knowledge of test automation and Java / DotNet is a plus.

DevOps:
The security consultant has a basic knowledge of:
– the basic principles of Agile / DevOps
– (safely) setting up a CI / CD pipeline
– applying security tooling within the CI / CD pipeline
– at what times security should be part of the process within the pipeline

– helping the customer to set up security within a DevOps environment
– involve the customer in the DevSecOps mindset (for both Dev and Ops)

Cloud:
The security consultant has a basic knowledge of:
– Securing the cloud (where the product is hosted and/or development takes place)
– Cloud (DevOps) tooling and secure development
Specific other skills/knowledge necessary for this profile:

The security consultant can / has:
– translate the content so that it is understandable for the customer.
– motivating and coaching an Agile / DevOps team in a positive way
– give constructive feedback
– taking the customer along in the what, how, and why of necessary security processes
– provide insight into risks and clarify the necessity/consequences thereof
– understanding of security in relation to compliance (protecting assets with regard to business continuity and within the framework of legislation and regulations)
-experience with Stakeholder management

Ref:

69610

Posted on:

February 8, 2021

Experience level:

Experienced

Contract type:

Full-time