Based on experience
Job Description – DevSecOps Consultant
RiverSafe is a premier Security Consultancy with a proven track record of delivering security services to a number of FTSE 100 companies. We have established relationships with market leading technology vendors in Cyber Security and Big Data analytics space.
Due to the reliance on technology, there is an increase in the associated risks. Cybersecurity Operations is now high on the priority list for most organisations. Therefore, clients are overwhelmingly turning to RiverSafe for help and guidance on how to protect their assets, minimise business disruption and improve security.
Our clients place enormous trust and confidence in our expertise which has resulted in them often asking for our input outside the strict area of cybersecurity; typically, general systems architecture and operations.
At RiverSafe, we have ambitious plans to expand our portfolio by adding Managed Services practice. We continue to build our team and anticipate continued growth throughout the next five years. We need excellent people with passion for information technology to join us and to be part of our exciting growth strategy.
Being part of a dynamic, growing organisation offers an exciting career path full of opportunity. A position in RiverSafe will give the right candidate the opportunity to work with blue chip clients across EMEA and parts of Africa as our pipeline for work is growing rapidly.
DevSecOps Senior Consultant
4 years in DevOps with 2 years consulting.
Based on experience
You’ll be someone who can drive a security-as-code culture within the business and implement best practice in infrastructure and software security across their platforms. Someone who is used to working proactively to identify vulnerabilities within CI/CD pipelines, collaborating with engineering teams and coaching teams on cyber-security best practices. Basically, you’re the sort of person who can reel off the OWASP top 10 security risks in your sleep…
A large part of this role will involve working with the IT leadership to embed the right processes, tools and culture within the teams, so you’ll need to be confident and able to make recommendations to senior stakeholders, as well as conducting top to bottom security audits and managing the delivery of changes required to achieve industry recognised certifications.
The candidate will:
- Be responsible for the delivery of key services within our customers environment.
- Work in technical projects design and implementation of security systems.
- Perform data analysis and conduct forensic investigations when required.
- Promote a healthy security culture by providing knowledge and support to our customers and help create secure by design products and services.
- 5 years of experience working in DevOps/Security culture.
- Minimum 2 year of consulting experience.
- Strong architecture knowledge for developing security solutions and best practices, focusing predominantly on cloud platforms (AWS, Azure and GCP).
- 4 years Programming experience in Python.
- Strong unit test and debugging skills.
- Usage of CICD processes including the integration of security & quality tooling.
- Knowledge of DevOps processes and tools (Ansible, Jenkins, Git, Azure DevOps)
- Security Scanning tools (Static Code Analysis, Opensource and Container Scanning tools).
- Exposure to SIEM Tools such as Splunk/Log Analytics/Elastic/Exabeam.
- Able to produce clear documentation to support the development activities.
- Experience in working within modern application development and engineering teams using DevOps & Agile methodologies.
- Proficient understanding of code versioning tools.
- Experience of producing technical documentation and reports.
- Self-motivated, proactive, driven individual with strong problem-solving skills.
- Solid communication skills and expertise to translate technical jargon into business familiar language.
- Able to quickly understand and interpret customer problems and navigate complex organisations.
- Adaptable, able to quickly switch between projects, demands and environments.
- Self-motivated and self-educating, yet willing and able to work collaboratively with both customers and fellow RiverSafe consultants.
- Well organized with a healthy sense of urgency, able to set; communicate; and meet aggressive deadlines with competing priorities.
- Ability to work in a fast-paced, rapidly changing, Agile, competitive environment.
- Strong interpersonal, oral, and written communication skills
- Ability to work independently and in group environments.
- Ability & flexibility to travel within EMEA.
- BSc (or relevant work experience) in computer science, cyber-security or a related field including engineering, mathematics, and other STEM subjects
- Industry certifications (CompTIA, MSCA, LPIC) are a bonus.