Senior Network DevSecOps Consultant
Netcompany is one of the fastest growing technology companies in the UK, recognised for disrupting the marketplace and helping to transform the IT sector. We deliver IT Transformation and Delivery services to some of the most well-known organisations in the UK and can count 18% of the FTSE 100 as clients, delivering services across several different sectors.
Netcompany have ambitious growth plans for the next few years and will continue to win and deliver multi-million-pound projects, offering a fantastic opportunity for all members of staff to grow with us and carve out a challenging, successful and rewarding career
We are recruiting for a passionate DevSecOps Engineer to work closely with our Network Team and partnering with Portfolios, Service Delivery Teams & Security Champions to implement and operate a CI/CD security model based upon DevSecOps Standards & Principles.
As part of the role you will be required to:
- Advise on technical consultancy on security best practices, and guide Portfolios and Security Champions in developing, adopting and enforcing security
- Provide Vulnerability assessments particularly in Network aspects of CI/CD into runtime, deliver remediation recommendations, and provide knowledgeable assistance in resolving identified vulnerabilities
- Actively involve in the continuous improvement of our DevSecOps Standards & Principles and security tooling by providing input into the direction of roadmap and contributing to the development of our automations and tooling
- Provide technical knowledge at all stages of the delivery lifecycle, including consultancy to stakeholders
- Build good working relationships with Portfolios and Developer Teams, gaining their respect and trust based on your knowledge and professionalism
- Understand existing processes and provide input into how to improve and streamline them in order to improve team efficiency and effectiveness
- Technical implementation of InfoSec & DevSecOps Standards & Principles methodologies, processes and tools and ensure compliance to enterprise architecture, global information security policies and overall firm strategy
- Contribute to the creation and ongoing maintenance of DevSecOps Standards & Principles & Patterns to reflect best practice and the effective security of new technology
- Serve as an escalation point for Portfolio & Service Delivery concerns if/when they arise & help to Identify appropriate resolution to achieve client satisfaction in a timely manner
- Monitor and manage CI/CD deployment and support
- Improve the accessibility of security through automation, continuous integration pipelines, and other means
- Design and implement technically complex designs and/or environment solutions to meet the Security control directives
- Manage own security backlog and delivery planning
- Provide security metrics and KPIs to the Security leadership team on a regular basis
- Previous experience working as a Dev SecOps Engineer – ideally in a similar size Enterprise
- Excellent knowledge of the secure Network operation of a CI/CD pipeline
- Implementing DevSecOps approach and tools within a large organisation
- Implementing and operating Cloud Native Security Solutions within a large organisation such as API Gateways, WAF and API security
- Knowledge & experience of detecting and mitigating Cloud Native security incidents, supporting SOC where needed
- Knowledge & experience of developing security automations
- Knowledge and experience of implementing CSPM and CWP tooling to aid the secure development of cloud native applications
- Cloud Security implementation, ideally Azure
- ·Working with Infrastructure as Code (IaC)
- Strong skills in at least one scripting language (Ruby/Python or equivalent)
- Exposure to Cloud Native best practice, market risks and industry trends
- Excellent understanding of containerisation / Cloud Native technologies (Docker, Kubernetes, Functions/Serverless, Microservices, etc)
- Understanding of DevOps tools (GitHub, Jenkins, Nexus, Github, etc)
- Strong knowledge of privileged access management, vulnerability management, secure remote access, secrets management and access control
Netcompany has existed in the UK since the acquisition of the very successful IT company, Hunter Macdonald in October 2017. Netcompany is one of Northern Europe’s most successful IT Companies, with offices in Denmark, Norway and Poland, Holland, UK and Vietnam.
Globally Netcompany employs more than 3000 of the most skilled IT Consultants and Developers. Despite the size we are an entrepreneurial company and we’re looking for people who are excited by the challenge of doing things differently. Our culture builds on low bureaucracy with a strong focus on high agility and flexibility.
Please be aware, that this role may be subject to basic security checks which may include a basic criminal records check.
Applicants will not be excluded on the grounds of sex, gender reassignment, pregnancy, maternity, race, marital status, disability, age, religion, belief or sexual orientation.