Service Architect - (Security & DevOps)
Recruiter
Listed on
Location
Salary/Rate
Salary Notes
Type
Start Date
This job has now expired please search on the home page to find live IT Jobs.
Vacancy title: Service Architect - (Security & DevOps)
Start date: ASAP
Contract duration: 3 months + extensions
Location: London or Sheffield
Role description
* Develop a technical architecture encompassing the tool suite of the service (AppScan, Checkmarx, Contrast, and Nessus), and how it interacts with the DevOps pipeline and end users
* Develop associated process documentation to outline:
* Onboarding process to the service
* Integration of the service into DevOps pipelines via Jenkins
* End-user interaction with the service
* Maintenance of the service
* Training materials for end-users
* Develop a governance/operating model to support and operate the service
* Interact with business and technical stakeholders to gather requirements to develop the deliverables outlined above
* Engage with product vendors as necessary to validate the feasibility of the architecture developed
* Work closely with project engineers to ensure the tooling they install and configure meets the specifications of the architecture
Required Skills
* 5+ years of software or security consulting
* 5+ years of progressive information security experience
* Bachelor's degree, or higher, in computer science, computer engineering, systems engineering or related discipline
* Familiarity with AppScan (DAST), Checkmarx, Contrast, and Nessus tools from an enterprise deployment perspective
* Familiarity with Jenkins and/or other build pipeline technologies
* Thorough understanding of SecDevOps methodology
* Thorough understanding of software, computer, and network architectures
* Understanding of application security best practices, standards, and frameworks
* Experience with designing enterprise level application security testing services
* Experience integrating automated application security testing activities into SDLC process on a global scale
* Experience designing processes/programmes within technical organizations
* Experience designing governance/operating models within technical organizations
* Experience working in agile development practices and DevOps models
Desirable Skills
* Security certifications (e.g. ISC2 - CISSP, CSSLP, GIAC - GWEB, GMOB, GSSP-.NET, GSSP-Java, GWAPT, ISACA - CISA, CISM, CRISC, CSX)
* Experience implementing, administering, executing or reviewing results from assurance activities (SAST, DAST, IAST, infrastructure scanning)
* Experience developing or delivering security training
Please submit CVs in the first instance