NetForce Ukraine

DevSecOps

віддалено
Форма роботи
повна зайнятість
Рівень
  • Senior
Навички
  • Hyper-V
  • GitHub
  • CI/CD
  • Sonarqube
  • IaC
  • SAST
20 days ago
Про вакансію

Responsibilities 

- leads a team of security professionals 

- builds and refines security systems and processes 

- implements, or drives implementation of, people, process, technical and audit controls to mitigate risk for the enterprise 

- manages workload, prioritizes efforts through a business and risk lens, sets clear objectives 

- develops and updates a comprehensive cybersecurity strategy 

- oversees the implementation of security policies, standards, and guidelines to secure the organization 

- ensures compliance with regulatory frameworks, in particular PCI and SOX, and these through a ISO/ITIL framework lens 

- stay abreast of the latest security trends, threats and technologies and uses these to continuously improve the effectiveness of security controls 

- guides the development and maintenance of incident response and disaster recovery plans

Вимоги

Requirements

- Application security / product security / DevSecOps experience (8+ years) working hands-on with engineering teams.

- Strong AppSec tooling experience: SAST, SCA, code scanning, GitHub / GitHub Advanced Security / SonarQube / Dependabot, and CI/CD integration.

- Ability to read code, assess real risk, and drive practical remediation.

- SSDLC / shift-left skills: threat modeling, security design reviews, vulnerability management.

- Strong application and API security fundamentals: authN/authZ, secrets, dependencies, injection, data protection.

- Experience with cloud-native delivery: containers, IaC, Git-based workflows, automation, and clear documentation. 

Буде плюсом

Nice-to-have

  • IaC scanning, container/image security, software supply chain, secrets management.
  • AWS cloud security experience.
  • Experience in regulated, audit-sensitive, or event-critical environments.