Job summary

Hi All, I'm currently recruiting for this position. Please click on the job title below to view the Job Description and apply to it!

Key skills required for this role

SecDevOps Engineer - Outside IR35 Contract

Important

SecDevOps Engineer - Outside IR35 Contract

Job description

As a SecDevOps engineer you will work as part of a team. You'll work closely with the Product Manager, Product Owner and Scrum Master to define and embed a robust, secure approach to delivery of a software product across multiple teams. You will be responsible for ensuring that:

• the software development documentation is complete to meet applicable security standards and practices (e.g., SECDEVOPS, OWASP SAMM2.0) to enable accreditation
• the team are following the defined security procedures
• gate review activities for each stage of the process are identified & that required evidence and outputs are clearly defined and generated for each software release
• appropriate tools are in place to provide supporting evidence / outputs that demonstrate a robust process is being followed
• the process is monitored, security controls are in place, risks are assessed and managed, security incidents are managed

Who we're looking for

A SecDevOps engineer with experience of working in an Agile Team(s) to deliver a software product. The role will make a key contribution towards the successful development, delivery, and accreditation of an expanding product

Essential Experience

• Working as part of an agile team to embed a culture of security in delivery
• Engaging with IA and security accreditors to demonstrate a robust, secure approach to delivery
• Experience of working throughout the SecDevOps lifecycle
• Working with a Product Owner and Scrum Master to ensure secure software delivery
• Experience of Continuous Integration/Continuous Development tools and processes, preferably Azure DevOps

Desirable Experience

• Gathering and presenting metrics to provide evidence of good practice
• Use of appropriate Code Quality Tooling e.g., SonarQube
• Experience of delivering products which can be deployed into secure domains
• Experience supporting ISO 27001 audits, or similar standards

Skills and attributes

• Excellent communication skills both oral and written
• Ability to work autonomously and use initiative
• Self-motivated and a quick learner
• Attention to detail
• Driven to produce quality work
• Willingness to learn new skills