Détails de l'opportunité de carrière

CTC004882 - DevSecOps Developper

Secteur industriel: Bancaire/Banking
Type d'emploi: Contract
Durée:
Mode de travail: On Site

Description

• Automation of application certificates full lifecycles: creation, revocation, renew (à la Let’s Encrypt)

• Manage applications secrets, using vaults (ex: Hashicorp Vault)

• Optimize identity management solutions

• Complete management of firewall ports using Infrastructure as code

• Integration of security scanning solutions in pipelines

• Reinforcement of CI-CD pipelines security (example: Docker images signatures)

Here’s the technical environment in which you would evolve at first:

• Collaboration (JIRA/Confluence)

• Source Code Management (Git-Bitbucket)

• Continuous Integration servers (Jenkins 2 with pipeline as code concept)

• Artefacts Management (Nexus, Artifactory)

• Quality Management Dashboards (SonarQube)

• Provisioning (Ansible, Terraform)

• More provisioning and orchestration tools (Docker/k8s)

• Deployed on multi cloud environments (private with OpenShift, publics with AWS, GCP-GKE)

• Applications Monitoring (AppDynamics, Datadog, etc.) to measure that all those wonderful applications deliver the expected business value to its customers

As a DevSecOps integrator, you are a generalist in all things DevOps, but you have a specialization in security.

Your Primary Responsibilities

• Develop security solutions using your developer skills and your security knowledge

• All the development you do uses everything as code paradigm and your code commits trigger full CI-CD pipeline up to production systems

• All the development you do is tested using test automation, developed at the right level, based on needs and context

• Everything that you put in production is monitored so that automatic fixes can take place in case of problems (using blue-green and-or canary deployments patterns)

• Everything that you put in production follows the High Availability (HA) best practices

• You work collaboratively with the bank’s security teams to ensure that developed solution can eventually be operated by them

What you should have to apply

• University degree in related fields with 3-5 years of experience or equivalent experience

• Bilingual (spoken/written) French and English ideal, but not mandatory

• You know what the Periodic table of DevOps tools is (and if not, when you'll see it, you'll get it!) and you master at least one tool per category on the table

• You have an above average security awareness mindset

Notre barre latérale

Bienvenue sur le nouveau site web de la CTC.