Trinity - Manager - DevSecOps

Description :

- Create and implement security practices & tools within CI/CD pipelines where applicable to integrate security into the DevOps lifecycle.

- Identify, evaluate, and remediate security vulnerabilities in applications and infrastructure.

- Design, develop, & implement solutions to address infrastructure & security requirements.

- Develop, manage & integrate into CI/CD pipelines automated security testing processes.

- Oversee security incidents, including monitoring, analysis, and response.

- Align security practices with project goals in development, operations, & security teams.

- Set up and manage security monitoring tools and processes.

- Ensure team creates and maintains comprehensive documentation of security practices, procedures, and incidents.

- Provide training & guidance to team on security best practices & emerging threats.

- Be apprised of latest developments in DevSecOps & Cloud to keep the DevSecOps processes current and relevant.

- Build and support a team of DevSecOps Engineers.

Qualifications :

- At least 5 years of proven work experience in DevSecOps, security engineering, or a related field.

- At least 3 years of people management experience.

- Bachelors degree in computer science, Information Security, Physics, Mathematics, or a related technical field.

- Good understanding of security principles, tools & practices for experience with CI/CD tools (e.g., Jenkins, GitLab CI/CD).

- Proficiency in scripting languages (e.g., Python, Bash).

- Knowledge of security practices for AWS, , and GCP.

- Expertise in vulnerability scanning and assessment tools, such as Snyk and InsightAppSec, and familiarity with security services like Wiz, SIEM, SOC, and SentinelOne.

- Skills in managing security incidents and conducting threat analysis.

- Familiarity with configuration management tools.

- Knowledge of API Security, Container Security, and AWS Cloud Security.

- Understanding compliance standards and policies such as, HIPAA, SOC2, GDPR, and CCPA, including related certification and audit processes.

- Strong communication skills, with the ability to effectively convey complex security concepts to technical and non-technical stakeholders.

- Continuously monitor security controls for all IT Security frameworks.

Other Skills :

- Relevant security certifications such as CISSP, CEH, AWS Certified Security Specialty.

- Experience with security frameworks and standards (e.g., NIST, OWASP).

- Skills in penetration testing and ethical hacking.

- Experience with DevOps tools (e.g., Docker, Kubernetes).

- Masters degree in Cybersecurity, Computer Science, Information Security, or a related field.