.Location: Spain (Remote)Employment Term: Full-Time, Permanent, Remote-basedSalary: Based on experienceWe're seeking a DevSecOps Engineer who will introduce cutting-edge processes, tools, and methodologies to balance needs throughout the software development lifecycle, from coding and deployment to maintenance and updates. If you're passionate about shaping a secure, efficient development environment, we want you on our team!Role and ResponsibilitiesPowerShell Azure Management with Azure CLIInfrastructure as Code (IaC) with ARM TemplatesVulnerability Management: Identify web application vulnerabilities, prioritize countermeasures, consult on mitigation strategies, and ensure timely resolution.Azure DevOps Security Management: Improve the existing automated vulnerability detection tools on Azure DevOps. Collaborate with developers to address findings and minimize false positives.Microsoft SDL Integration: Lead proactive code reviews to pinpoint vulnerabilities, while refining and incorporating the Security Development Lifecycle into our engineering processes.Offer specialized application security guidance on projects, system issues, and during stakeholder meetings.Monitoring: Assist in developing and maintaining an ongoing security assurance program including development of appropriate scripts and monitoring capabilities to verify security effectiveness, analyze data, develop trend analysis and ensure compliance to existing standards, policies, and procedures.Audit: Conduct technical security risk assessments with internal and external resources as needed.Essential Skills and ExperienceAt least three years relevant experienceProficiency in testing and identifying web application vulnerabilitiesStrong technical acumen with Azure infrastructure security, Microsoft security & core infrastructure components (virtualization, server management, active directory and identity & access management)Working knowledge of network security, firewalls and remote access technologiesDefine Azure data storage architectures and security strategies, and utilize them to analyze risksExcellent verbal and written communication skills (English B2 or equivalent level)Desirable Experience and SkillsProvide guidance on relevant application security industry standards and practices such as ISO27001, OWASP, ASVS, CIS, SANS, CWE, etc.Experience with test driven development, a plusUnit Testing experienceExperience working in Agile/SCRUM environmentDevelopment with App Services (Web Apps and Function Apps) and other Azure resources like SQL or RedisQualifications and RequirementsBachelor's degree (BsC) or equivalent years of experienceMicrosoft SharePoint, Office 365 or Azure Certified Developer would be nice to haveRecent experience working in a digital agency, development consultancy or similar environmentEnglish B2 or equivalent levelCompetitive package depending on your experience and location within the UK. Our standard working week is 37 hours
