Full stack Engineer
Industry: IT/Banking/ Insurance
Duration: 08 Months
Date: 05-10-2023
Pay Rate: $62 (open for W2 or C2C)
Job Description:
- 3+ years of experience developing software using a modern programming language (e.g. Java, Python, JavaScript, Go, Ruby etc.), and experience developing and integrating RESTful APIs.
- 2+ years of security automation experience developing, integrating, and automating security in CI/CD pipelines.
- 2+ year of experience working with cloud native container technologies including Docker, Kubernetes and/or Serverless.
- Experience with OOP concepts and development patterns
- Ability to perform peer review of code for security analysis and train application teams on the process.
- Be able to communicate complex and technical issues to security-technical and non-technical audiences, verbally and in-writing.
- Experience implementing security tools into established CI/CD pipelines (e.g. Jenkins, GitLab etc.)
- Working knowledge of a range of security-related subjects such as threat modeling, data protection, application security, and vulnerability management.
- Experience with serverless deployments.
- Experience applying the Open Web Application Security Project (OWASP) Top Ten to web application design and code.
- DevSecOps security certifications recommended but not required (GCSA, CDP, DevSecOps Practitioner, etc)
- Extensive experience with Jenkins, GitLab, Bitbucket, Kubernetes/OpenShift, AWS
- Implemented and managed build lifecycle through CI/CD (Jenkins, GitLab)
- Implemented containerized solutions using Docker/Kubernetes/OpenShift
- An understanding of best practices around source control, specifically Git, GitFlow, branching, versioning and naming conventions.
- Experience with repository managers with preference for Nexus, Quay
- Extensive experience with Infrastructure as code, either CloudFormation or Terraform preferred.
- Experience working on Agile Scrum teams.
- Automation mind-set – an innate drive to continuously look for ways to automate existing processes.
- BA/BS Degree in Computer Science or related technical discipline, or equivalent practical experience.
Responsibilities:
- Work with application development teams to ensure that the vulnerability detection, false positive analysis, and gating process is implemented appropriately.
- Aid with the remediation of vulnerabilities identified during initial onboarding to the security CI/CD pipeline.
- Build security into the automation provisioning cloud resources through Infrastructure-as-Code tooling such as Terraform, CloudFormation, AWS CDK, etc.
- Coach teams on Tooling, CI/CD, Security concepts and Infrastructure Automation
- Partner with Development teams to ensure coding standards are in alignment with DevOps practices with respect to Tools, Standards and Security
Top 3 skills:
- Full stack developer experience – Java / JavaScript / Python.
- CI/CD pipeline; **Security experience – application security scanning.
- Automation mindset / collaborative / innovative.