DevSecOps Engineer

The DevSecOps Engineer will be responsible for keeping our company's and clients' IT secure and compliant by ensuring the reliability and efficiency of the development and deployment processes. This includes providing a robust CI/CD pipeline that enables code to be validated for quality and security and deployed continuously. You must have up-to-date knowledge of threat modelling, risk assessment techniques, code reviews, current best practices, and the latest cybersecurity threats. Your role is to present solutions to stakeholders to assist in the decision-making process for using the right technologies to solve the right problems.

Skills & requirements

01.
ESSENTIAL QUALIFICATIONS & SKILLS
  • Background & Experience: Originating from an open-source operating system background, candidates should possess a minimum of 5 years in IT, with 3 years focused on DevSecOps roles.
  • Cloud Expertise: Demonstrated experience working in cloud environments, with a deep understanding of cloud architectures, services, and best practices.
  • Penetration Testing & Security Analysis: Proficiency in conducting penetration tests and thorough security analyses to identify vulnerabilities and suggest remediation measures.
  • Programming Skills: Strong coding capabilities, with experience in languages such as Python, Go, Java, JavaScript, and TypeScript, to develop and integrate security solutions.
  • Certifications: Possessing industry-specific certifications, such as AWS DevOps or Security, will be considered an advantage.
  • Leadership & Communication: Prior experience leading teams complemented by excellent communication and leadership abilities.
  • Problem-Solving Abilities: Exceptional troubleshooting skills, with a knack for addressing complex technical issues.
  • Incident Response: Demonstrated ability in IT Incident Response and handling security breaches.
  • Networking: A foundational grasp of networking principles and experience with firewalls from brands like FortiGate, Palo Alto, and MikroTik.
  • Process & Documentation: Process-driven mindset with the ability to produce clear documentation supporting development and security activities.
02.
WHAT YOU WILL DO:

Security Integration

Collaborate with development teams to integrate security best practices into the software development process.

Conduct regular security assessments, code reviews, and vulnerability scans to identify and remediate security issues.

Security Automation

Develop and maintain automation scripts and pipelines for building, testing, and deploying software. Implement infrastructure as code (IaC) to automate infrastructure provisioning and configuration management.

Security Testing

Implement and manage security testing tools and processes, including static application security testing (SAST), dynamic application security testing (DAST), and container security scanning.

Project Planning

Provide guidance and expertise on system options, risk, impact, and costs vs. benefits.

Create and share operational requirements and development forecasts to allow timely and accurate planning of projects.

Development

Install and configure solutions, implement reusable components, translate technical requirements, assist with all stages of test data, develop interface stubs and simulators, and perform script maintenance and updates.

Deployment

Design, implement, and manage robust CI/CD pipelines that accelerate software delivery while maintaining code quality and security.

Build automated deployments through the use of configuration management technology.

Performance Management

Implement comprehensive monitoring and logging solutions to ensure timely issue detection, rapid incident response, and proactive performance optimization.

Give recommendations for enhancing performance via gap analysis, identifying the most practical alternative solutions, and assisting with modifications.

Maintenance and Troubleshooting

Responsible for routine application maintenance tasks.

Create requirements and procedures for implementing routine maintenance. 

Diagnose and resolve complex issues in production environments, contributing to high system availability and reliability.

Debugging software for optimum functioning

Reproduce and locate the source of reported bugs and issues.

Fix bugs and issues.

Communicate errors and solutions to product owners.

03.
FAMILIARITY WITH THE FOLLOWING TECHNOLOGIES WOULD BE IDEAL
  • Container Orchestration: Docker and Kubernetes.
  • Cloud Platforms: Specifically AWS.
  • Infrastructure As Code: Tools such as Terraform and Ansible.
  • Kubernetes Package Manager: Experience with Helm Charts.
  • CI/CD Tooling: Familiarity with GitLab, Jenkins, CircleCI, among others.
  • Penetration Testing Tools: Tools like Burp Suite, w3af, and Zed Attack Proxy.
  • Vulnerability Assessment: Hands-on experience with tools like Nessus and Metasploit.
  • System Monitoring: Tools including Datadog and New Relic.
  • Cloud Security Posture Management: Knowledge of solutions such as Datadog, Prisma Cloud, and Aquasec.
  • SIEM Tools: Familiarity with SIEM solutions like Datadog, Splunk, Log Analytics, Elastic, or Exabeam.

Benefits

Flexible Working Opportunities
Unlimited Growth Opportunities
Access To Online Learning
Employee Assistance Programme