Title: Sr. DevSecOps Engineer
Duration: 6 + Months
Interview: Video
Location: Chicago is strongly Mush have and Dallas considered. All candidates are expected to be onsite from day 1 in a hybrid capacity with a minimum of 3 days per week onsite.
Visa: USC, GC, OPT/EAD, CPT/EAD, EAD/GC, H4/EAD
Must Haves…
Client: Financial services- financial background strongly preferred
We will need the following for submission:
- Full name
- LinkedIn profile link
- Visa copy and photo ID
- 3 managerial references- must be managers I cannot accept peer references. I will need full name, job title, company email, phone and LinkedIn profile link
NOTES:
we need DevSecOps engineers, not just DevOps.
candidate work history needs to demonstrate Docker Security:
Veracode
BlackDuck
Sysdig
Synopsys
API
Python, Java, JSON
position sits on application security team
Job Title: Sr. DevSecOps Engineer
Worksite: Preferred Hybrid Onsite (Chicago or Dallas) Chicago preferred
Our client has an Immediate Opportunity for a Sr. DevSecOps Engineer to join their team on a long-term contract basis.
Create custom Docker containers to pull results from vulnerability management tools, verify results using custom rules, and print results into report(s). This will require use of APIs and the ability to reformat reports from formats such as json and xml into human readable tables.
- Deliverables:
- Series of containers set up to run security requirements within Jenkins verification pipeline(s) and replace existing individual containers.
- Individual pipelines for users to run ad-hoc scans without using the full CI/CD build process.
- Documentation expected in our internal Wiki and in code comments.
- Develop and transition artifacts to operational teams, including documentation to troubleshoot, re-create, and leverage containers and outline of manual workarounds, if any.
Security CI/CD Tool Enhancements and Pipeline Maintenance - Perform maintenance of the CI/CD pipelines and existing security vulnerability management tools throughout the length of the engagement, including troubleshooting of issues in the pipeline and bug/feature enhancements.
- Deliverables: Updated security tool containers with requested feature enhancements made
Automate Ad-Hoc Security Engineering Processes - Develop custom scripts to automate routine Security Engineering tasks as requested.
- Deliverables: Custom scripts
Must Have:
- Programming knowledge and coding experience, particularly Python, JSON, JAVA, Javascript, and Bash
- Experience working with APIs
- Experiencing parsing (HTML, XML, JSON, etc.)
- Proficient in Github and Jenkins
- Docker experience in automating deployments and testing
- Strong communication and collaboration skills
- Preferred: Knowledge of secure coding practices as defined in OWASP Top 10 2021
- Ideal candidates will have experience with Veracode, BlackDuck, or Sysdig docker security tools.
- Integrating/implementing Synopsys into pipeline api for software risk management
- Troubleshoot the existing pipelines and the code for verification & scanning components
Thank & Regards
Sneha Singhal || Technical Recruiter
D: 215-798-9528, E: sneha@firstringsolutions.com
First Ring Solutions LLC | Philadelphia, PA 19102
Note: Due to the high volume of calls, I may miss your call, email is the better way to reach me.