Find Jobs Categories Salaries Career Paths Saved Blog

DevSecOps Engineer

3B Staffing

ArlingtonFull-timeMid LevelOn-site
Apply Now

Job Description

Local candidates only- must send documentation with name/address Candidate MUST be open to onsite interview as final interview What You'll Do: - Collaborate with a team of engineers to implement Morgan Stanley specific security policies in the CI/CD security tools including but not limited to SAST, DAST and SCA applications. - Work with Development, DevOps and Security teams to identify and develop automated security and compliance capabilities in support of DevOps processes. - Define the security rules that needs to be adhered to at a code level in web and mobile applications written in Java, React, Objective C, SWIFT, Kotlin etc. - DO NOT NEED TO KNOW , nice to have - With your development background and security knowledge, provide security guidance to developers in the form secure coding standards and guidelines. - Support security standards, create templates and patterns to increase the efficiency and adoption of security program. - Good if familiar but they can train them on that These skills will help you succeed in this role: - Bachelor's degree with minimum 8 years of work experience in the IT field - 3+ years software development experience using Java, JavaScript - 3+ years of experience in the following: - OWASP Secure Coding Practices - GOOD TO HAVE - Common software and web application security vulnerabilities - Application security scanning tools - Continuous Integration/Continuous Deployment (CI/CD) processes and concepts using relevant technologies and tools (e.g., Jenkins) - Required - Experience in Python scripting - Required Even Better If You Have - A degree in Cybersecurity or CISSP/CSSLP certification or keen desire to move to security field - Business acumen to support the implementation of SAST or DAST or IAST across the enterprise - Ability to perform code reviews with minimal assistance - A self-starter, with a strong desire for learning new technologies and applying them to solve problems - Experience with two or more of the application build environments like Jenkins, Gradle, Maven. - Familiarity with public cloud services a plus - Experience with two or more of the Secure SDLC tools like Burp Suite, Fortify, Checkmarx, AppSec SE, Veracode, WhiteSource, Sonatype - Experience with Threat Analysis. - Experience with DevSecOps, Secure SDLC. - DevOps container/orchestration tools (Kubernetes, Docker, Puppet, etc) is a plus - Experience with evaluation, integration and onboard of security tools such as RASP, WAF, vulnerability scanner results, container analyzers, open source scanning etc is a plus

Posted 2 weeks ago

Related Jobs

Related Searches

Engineering Jobs in ArlingtonRemote Engineering JobsAll Engineering JobsAll Jobs in ArlingtonTechnology JobsHealthcare JobsFinance JobsMarketing JobsSales JobsDesign JobsHuman Resources JobsOperations JobsLegal JobsEducation JobsJobs in New YorkJobs in New YorkJobs in New YorkJobs in New YorkJobs in New YorkJobs in New YorkJobs in New YorkJobs in New YorkBrowse All JobsRemote JobsFull-time JobsPart-time JobsContract Jobs

Explore More Jobs

Browse jobs by category, type, and pay level

Job Search High Paying Jobs Remote Jobs Part Time Jobs Full Time Jobs No Experience Jobs Entry Level Jobs Tech Jobs Healthcare Jobs Finance Jobs Marketing Jobs Engineering Jobs Hiring Near Me Local Jobs Salary Jobs Weekend Jobs Best Part Time Jobs Data & Analytics Jobs Sales Jobs
Browse all jobs »
Apply Now