About the role
Let us introduce you to the job offer by EY GDS - a member of the global integrated service delivery center network by EY in the GDS office in Malaga, Spain. DevSecOps is one of the competencies within EY GDS Cyber Security AEET (Architecture, Engineering, and Emerging Technologies) practice with the following key offerings:
Developing security capabilities.Leveraging DevSecOps principles, design and implement Security solutions.Continuous Integration & Continuous Deployment with a Security mindset and focus.Assessment and Strategy Planning.Develop capabilities to deploy large-scale cyber countermeasure capabilities to detect and prevent sophisticated threats and vulnerabilities on enterprise networks.Ensuring compliance with enterprise architecture, security policies, and operational procedures.The opportunity
As a member of our team in the GDS office in Malaga, Spain, you'll have a chance to extend your knowledge & experience by working on exciting projects with the newest technologies and approaches. You'll support clients in choosing the most suitable business solution and participate in digital transformation.
Your key responsibilities:
Participating in market-facing activities. Use current technology and tools to enhance the effectiveness of deliverables and services. Play an active role in counseling and mentoring junior Cybersecurity team members. Resolving and reviewing the resolution of security vulnerabilities as needed. Maintaining an active understanding of industry practices for secure software development. Monitoring & Logging and Site Reliability.
Skills and attributes for success:
Understanding of or experience in an Agile Development Environment. Problem-solving and troubleshooting with an eye for details. Good communication and presentation skills. Ability to work in both collaborative and independent work environments. Proven ability to work as DevSecOps on projects. Excellent command of English (written and spoken).
To qualify for the role, you must have:
Experience in performing security architecture/threat modeling. Containers (Docker, Kubernetes, etc.). Infrastructure as code (Chef, Terraform, etc.). Continuous integration (Jenkins, etc.). Integration of Security testing tools into the pipeline. Defect tracking (Jira, Bugzilla, ServiceNow, etc.). Source code management (GitLab, GitHub, BitBucket, etc.).
#J-18808-Ljbffr