You are here
DevSecOps Consultant
Your role
In the context of our fast-growing company, we are looking for a DevSecOps Consultant to integrate our Secure Delivery practice. You will take part in stimulating consulting assignments and secure development projects.
Your main tasks will consist of:
- Guidance on establishing a secure software development lifecycle for cloud-based and on-premises software (Secure-SDLC / DevSecOps),
- Assessment of existing SDLC (i.e., SAMM Assessment),
- Helping teams to integrate security tooling in their development pipeline (SAST, DAST, SCA…),
- Occasional Java, C# or frontend development, depending on your skills,
- Developing our commercial vision in your area of expertise.
By joining this project, you will have the opportunity to:
- Develop your competencies and level of expertise through a continuous and ongoing, progression and active participation in training sessions,
- Provide input and participate in the definition of our commercial offer in your area of expertise,
- Be recognised by the client as being professional in your own area of expertise,
- Demonstrate your capability to work in a team and portray a positive attitude,
- Be recognised as being trustworthy by your project leader or client: precision of information, respect of the commitments, quality of the work, respect the deadlines and adequate reporting,
- Capitalise on the experience acquired within the department,
- Utilise or learn the tools or methodologies of the Practice and actively contribute to the development of these tools and methodologies.
Your profile
You have:
- Bachelor or Master degree or equivalent by experience
- Minimum 2 years of experience in applying security to development
- Uncompromised integrity: Respect the confidentiality of both client and company information
- Experience working with Scrum teams and of the DevSecOps mindset
- Experience with at least one of the top cloud providers (Azure, AWS or GCP)
- Deep analytical skills and structured thinking
- Knowledge of tools integrating with pipelines and strategy for remediation (prioritization, assessment, etc...)
- Basic understanding of network concepts and architecture
- Good working knowledge of both written and spoken English and French or Dutch
Considered as a plus:
- Experience with SAST, DAST, SCA
- Knowledge of at least one of the following tools: SonarQube, Fortify, Checkmarx, WebInstpect, ZAP, Dependency-Check
- Hands on experience in development (Java and/or C#)
- Kubernetes and containers
- REST APIs
- Experience with security principles and intrusion tools
Soft skills:
- Strong self-motivator and entrepreneurial pro-active attitude
- Able to prioritize activities, plan and execute
- Strong analytical and problem-solving skills
- Team player
- Excellent communication skills
- Eager to learn
- Uncompromising integrity
Interested?
Don’t wait and send us your application to jobs@approach-cyber.com. We look forward to talking to you soon.