DevSecOps Engineer (613797)
Role Summary
You are a highly skilled DevSecOps Engineer with experience working for top startups. The ideal candidate will be able to demonstrate expertise in software security frameworks and threat analysis, including OWASP tools and strategies. You will work closely with development team leads and the Head of Engineering & Data.
You can self-manage work to meet deadlines and provide a proactive and efficient service to team, members, and stakeholders.
On offer is an opportunity to join a flexible and friendly workplace with a collaborative and positive culture, where you can feel valued and trusted. You will work alongside passionate colleagues and will have the opportunity to help support the diversity and growth of the business in Australia, New Zealand and around the world. The organisation prides itself in being committed to its people, seeking feedback from their teams frequently.
Skillset Required
Bachelor's degree in Computer Science, Engineering, or a related field.
4+ years of experience in DevSecOps.
Experience with Terraform and/or AWS CDK – Cloudformation.
Familiarity with AWS Platform and services: Lambda, Glue, SQS etc.
Proficiency in containerisation and orchestration tools (Docker, Kubernetes).
Solid understanding of CI/CD processes and tools (Bitbucket Pipelines, Github Actions).
Basic knowledge about Airflow, Python Scripting.
Demonstrated expertise in software security frameworks, threat analysis, including OWASP tools and strategies.
Excellent problem-solving and analytical skills.
Strong communication and collaboration skills.
Key Accountabilities
Build and configure infrastructure using infrastructure as code (IaC) tools like Terraform or Cloudformation to automate server provisioning, configuration, and management.
Set up and maintain continuous integration and continuous delivery (CI/CD) pipelines to automate code building, testing, and deployment processes.
Utilise containerisation technologies like Docker and orchestration platforms like Kubernetes to manage and scale containerised applications.
Troubleshoot and resolve production issues, identify root causes, document the findings and implement solutions to prevent future occurrences.
Set up and configure monitoring tools to track application performance, infrastructure health, and identify potential issues proactively.
Responsible for planning and implementing security policies, security practices into the development process, ensuring compliance with relevant regulations.
Create and maintain documentation for tools, processes, and procedures followed.
Continuously learn and stay updated on the latest DevSecOps tools, technologies, and best practices to optimise processes and implement improvements.
Define and track relevant metrics to measure the effectiveness of DevSecOps practices and identify areas for further improvement.