DevSecOps Security Specialist

Extelligence is an intelligent partner that goes the extra mile. We provide customized information management solutions for major industries. Our team in Prague and Bucharest is working with international companies, transforming, and adding value to their business on a daily basis. We are growing quickly, and we are interested to bring more talented individuals into our team.

What will be your task

  • Ensuring the security of the DevOps environments and CI\CD pipelines
  • Providing leadership in the DevSecOps areas of Container Security, Cloud security, API Security, Vulnerability Scanning, Certificate Management, Secrets Management, Data Analysis of security monitoring outputs, coordination of Remediation Patching, and other daily Security and Compliance efforts. Cooperate on integration of software development projects into the infrastructure
  • Defining compliance requirements based on Policies and Standards
  • Support the Security Automation and infrastructure as code
  • Develop an automated security framework for robust deployment tools and processes, leveraging various scripting languages and open and closed source solutions
  • Ensuring proper documentation of the processes and systems

What requirements should you meet:

  • Good knowledge of DevSecOps, ability to implement security features and GPOs
  • Knowledge of security best practices/standards/principles such as Information Security frameworks/standards (i.e. CIS, NIST, RFC2196, etc).
  • Networking experience/knowledge and broad understanding of network protocols and services (e.g. FTP, HTTP, SSH, SMB, LDAP)
  • Experience coordinating and performing vulnerability assessments through the use of automated and manual tools (Tenable, Clair, Sonarqube, NMAP, etc).
  • Ability to review and analyze vulnerability data to identify security risks to the organization’s network, infrastructure, and application’s and determine any reported vulnerabilities that are false positives.
  • Coordination and remediation of vulnerabilities within established timeframes.
  • Proficiency in Python, Bash and/or other programming and scripting languages.
  • Comprehension in the security areas of Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, Security and Monitoring tools, etc.
  • Knowledge of Windows and Linux patch management and related information security functions (authentication, encryption, iptables, SSL, Ciphers, etc)
  • Ability to work with APIs and Plugins to integrate security tools into established CI/CD pipelines
  • DevOps Automation: GitHub/Gitlab, Azure DevOps, Jenkins (any), Helm charts
  • Knowledge of Kubernetes, Docker, container orchestration platforms (OpenShift, Rancher), container image registers (dockerhub, harbor)
  • Knowledge of Secret Scanning, Secure code analysis, Dynamic Application Security Testing, Static Application Security Testing tools, Container Scanning, Infrastructure as Code Scanning

Your advantage will be:

  • Experience with network communication analysis tools (e.g. tcpdump, Wireshark)
  • Experience configuring, implementing and leveraging computer security and networking diagnostic/monitoring tools
  • Experience with PKI management
  • Possession of any of the following certifications: MCSE, MCSA, CISSP, CEH, GCIA, GPEN, GCIH, GSEC, etc.

Working with Extelligence:

  • We take care of the important things that matter to contractors, for example, we guarantee on-time payment for your work. You will never have to chase us for payment.
  • We always seek to have long term relationships with our team and we always seek to offer opportunities to extend cooperation beyond the first contract or project.
  • Extelligence is a multicultural team, we have more than 15 different nationalities working with us.
  • We also organize events to bring our team together including team building activities and social events.
Job Type: Contract
Job Location: Czech Republic Hybrid Prague

Apply for this position

Allowed Type(s): .pdf, .docx