- Deliver DevSecOps with a focus on CI/CD pipelines and automation.
- Educate others on DevSecOps approaches and best practise, create artefacts of information, define ways of working and processes that include tool adoption (we use Snyk) for security reviews, cloud changes and system monitoring.
- Review how we work and look at how we adopted a shared responsibility model with Security.
- Selling the idea of DevSecOps to product teams and deliver a packaged security approach.
- Make automation a key service and how to scale security into teams to fix vulnerabilities at a local level.
Required Skills & Abilities
- Good knowledge of AWS cloud and security gates.
- Worked with security as a product (integration of tools e.g., auth0 and documented the process for engineering adoption).
- Great communication skills and deal with stakeholder management.
- Can measure security adoption and continuous improvements.
- Knowledge of containers, orchestration, registries, infrastructure as code languages (Terraform).