Full stack Engineer

Industry: IT/Banking/ Insurance

Duration: 08 Months

Date:  05-10-2023

Pay Rate: $62 (open for W2 or C2C)

Job Description:

• 3+ years of experience developing software using a modern programming language (e.g. Java, Python, JavaScript, Go, Ruby etc.), and experience developing and integrating RESTful APIs.
• 2+ years of security automation experience developing, integrating, and automating security in CI/CD pipelines.
• 2+ year of experience working with cloud native container technologies including Docker, Kubernetes and/or Serverless.
• Experience with OOP concepts and development patterns
• Ability to perform peer review of code for security analysis and train application teams on the process.
• Be able to communicate complex and technical issues to security-technical and non-technical audiences, verbally and in-writing.
• Experience implementing security tools into established CI/CD pipelines (e.g. Jenkins, GitLab etc.)
• Working knowledge of a range of security-related subjects such as threat modeling, data protection, application security, and vulnerability management.
• Experience with serverless deployments.
• Experience applying the Open Web Application Security Project (OWASP) Top Ten to web application design and code.
• DevSecOps security certifications recommended but not required (GCSA, CDP, DevSecOps Practitioner, etc)
• Extensive experience with Jenkins, GitLab, Bitbucket, Kubernetes/OpenShift, AWS
• Implemented and managed build lifecycle through CI/CD (Jenkins, GitLab)
• Implemented containerized solutions using Docker/Kubernetes/OpenShift
• An understanding of best practices around source control, specifically Git, GitFlow, branching, versioning and naming conventions.
• Experience with repository managers with preference for Nexus, Quay
• Extensive experience with Infrastructure as code, either CloudFormation or Terraform preferred.
• Experience working on Agile Scrum teams.
• Automation mind-set – an innate drive to continuously look for ways to automate existing processes.
• BA/BS Degree in Computer Science or related technical discipline, or equivalent practical experience.

Responsibilities:

• Work with application development teams to ensure that the vulnerability detection, false positive analysis, and gating process is implemented appropriately.
• Aid with the remediation of vulnerabilities identified during initial onboarding to the security CI/CD pipeline.
• Build security into the automation provisioning cloud resources through Infrastructure-as-Code tooling such as Terraform, CloudFormation, AWS CDK, etc.
• Coach teams on Tooling, CI/CD, Security concepts and Infrastructure Automation
• Partner with Development teams to ensure coding standards are in alignment with DevOps practices with respect to Tools, Standards and Security

Top 3 skills:

• Full stack developer experience – Java / JavaScript / Python.
• CI/CD pipeline; **Security experience – application security scanning.
• Automation mindset / collaborative / innovative.