DevSecOps Consultant

Be a champion for shifting security left.

Summary

Layer 8 Security is seeking a motivated professional with technical skills to support our customer’s desire to improve the security, quality, adaptability, flexibility, and utility of software solutions. The candidate will help organizations shift security left and transition to a self-service delivery model for DevSecOps teams that provide a flexible and secure development environment.

If you have a strong passion for security and technology, have an interest in supporting innovative projects, and want to gain real-world experience in leading DevSecOps implementations, we have a role for you!

Role Responsibilities
  • Work with clients to analyze, evaluate, and enhance the effectiveness of their application security posture at procedural and technological levels.
  • Use knowledge of current application security best practices and industry trends to support the implementation of application security solutions for our clients.
  • Provide technical leadership with respect to the development and execution of our key application security service offerings, including:
    • Conducting assessments of applications (web, cloud, mobile) using a range of manual and automated testing and source code review techniques
    • Performing security architecture reviews of applications in design and production phases
    • Identifying potential threats and attacks to applications and their supporting systems
    • Identifying security recommendations
    • Evaluating, developing, and enhancing application security programs for our clients
  • Use current technology and tools to enhance the effectiveness of deliverables and services.
  • Produce professional reports that effectively communicate security concerns to both technical and non-technical stakeholders.
  • Play an active role in mentoring junior team members.
Qualifications and Requirements
  • Demonstrated experience evaluating DevSecOps programs to determine how to effectively embed security activities within
  • Experience working with clients to evolve their development programs to embed application security tooling and processes
  • Demonstrated ability to learn and adapt to different CI/CD systems
  • Experience performing manual application penetration testing and security code reviews
  • Experience working in Agile development, application security, or DevOps role, with preferred experience in the following:
    • Containerization and associated technologies (Docker, Kubernetes, or similar)
    • Infrastructure as code (Chef, Terraform, Ansible, or similar)
    • Continuous integration (Jenkins, or similar)
    • Application security testing tools (SAST, DAST, IAST)
    • Cloud environments (Azure, AWS)
    • Source code management (Git, or similar)
    • Defect tracking (Jira, ServiceNow, or similar)
Bonus Points
  • Industry certifications relating to security and/or penetration testing (CISSP, GIAC, GPEN, OSCP, CEH, Open Group Certified Architect)
Employee Perks
  • Medical, vision, and disability insurance program
  • Employer-funded life insurance for all employees
  • Unlimited vacation policy with a requirement to take at least two weeks
  • Encourage and compensate for advanced training, certifications, and industry events
  • Have a voice and be heard with the opportunity to make a positive difference

To apply for this position, please email cover letter and resume to info@layer8security.com

BACK TO CAREERS

Layer 8 Security is an equal opportunity employer.

Talk with our award-winning team