| F2F in Virginia with DL || DevSecOps Engineer || USC & GC only at Virginia, Minnesota, USA |
| Email: [email protected] |
|
DevSecOps Engineer Location: Arlington, VA(Hybrid) MOI: Onsite interview Visa: USC & GC only Morgan Stanley Title: DevSecOps Engineer, Jenkins, CI/CD, Python, Arlington VA 12months Job Description What You'll Do: Collaborate with a team of engineers to implement Firms specific security policies in the CI/CD security tools including but not limited to SAST, DAST and SCA applications. Work with Development, DevOps and Security teams to identify and develop automated security and compliance capabilities in support of DevOps processes. Define the security rules that needs to be adhered to at a code level in web and mobile applications written in Java, React, Objective C, SWIFT, Kotlin etc. With your development background and security knowledge, provide security guidance to developers in the form secure coding standards and guidelines. Support security standards, create templates and patterns to increase the efficiency and adoption of security program. These skills will help you succeed in this role: Experience with DevSecOps, Secure SDLC. Bachelor's degree with minimum 8 years of work experience in the IT field 3+ years software development experience using Java, JavaScript 3+ years of experience in the following: OWASP Secure Coding Practices Common software and web application security vulnerabilities Application security scanning tools Continuous Integration/Continuous Deployment (CI/CD) processes and concepts using relevant technologies and tools (e.g., Jenkins) Experience in Python scripting Even Better If You Have A degree in Cybersecurity or CISSP/CSSLP certification or keen desire to move to security field Business acumen to support the implementation of SAST or DAST or IAST across the enterprise Ability to perform code reviews with minimal assistance A self-starter, with a strong desire for learning new technologies and applying them to solve problems Experience with two or more of the application build environments like Jenkins, Gradle, Maven. Familiarity with public cloud services a plus Experience with two or more of the Secure SDLC tools like Burp Suite, Fortify, Checkmarx, AppSec SE, Veracode, WhiteSource, Sonatype Experience with Threat Analysis. DevOps container/orchestration tools (Kubernetes, Docker, Puppet, etc) is a plus Experience with evaluation, integration and onboard of security tools such as RASP, WAF, vulnerability scanner results, container analyzers, open source scanning etc is a plus Best Regards, Adarsh Sharma Senior Technical Recruiter || Max IT Consulting LLC 25 Oak Tavern Cir Branchburg, New Jersey 08876 Email: - [email protected] DISCLAIMER: Please respond as Remove if you are not interested to receive any email with this email address. We sincerely apologize for any inconvenience caused to you. -- Keywords: cprogramm continuous integration continuous deployment information technology green card Virginia F2F in Virginia with DL || DevSecOps Engineer || USC & GC only [email protected] |
| [email protected] View All |
| 09:28 PM 07-Jan-25 |