DevSecOps Lead/Security Lead

By 19 september, 2022 september 28th, 2022 Data/IT
Roll IT-säkerhet
 Kompetensområde Data/IT
 Startdatum 2022-10-03
 Slutdatum 2023-04-03
 Omfattning 100%
 Ort Stockholm/Solna
Land Sweden
 Sista svarsdatum 2022-09-26 (Offerter kommer att behandlas löpande)
 Kontaktperson Patrik Ekenbark (cv@keyman.se | 070-659 96 00)
 Referens nr 4620886
Övergripande uppdragsbeskrivning

We are now looking for a DevSecOps Lead/Security Lead for one of our clients. 

The role means primarily working together with the tech leads and team members to support, educate and make sure that an optimal way-of-working is practiced in the development teams. 
This is done through all phases of the software life cycle, during planning, development, and operations. A special focus for this role is to ensure that security is considered and enforced for all services within the department.  You can also expect to join teams in hands-on deep dives in particular challenges related to software development practices, security, or operational areas.

Our client´s successful software service operation is that the teams assume end-to-end responsibility and have the skills, tools, and capacity to keep the service operational and secure. The DevSecOps role aligns the processes and assists in improving the collaboration with other stakeholders, such as the Security Operations Center, the Service Desk and the Major Incident Team (MIM).

The purpose of this role is to secure a stable operations and agile, secure development solutions – both customer facing front-end interfaces and back-end stability and development as well as ensuring integrations with other applications. 

Specific tasks in the role:
• Coach and lead the teams to apply modern application development techniques including automated testing, code-reuse, secure development practices and managing the CI/CD pipeline.
• Understand different regulations and be able to translate that into working software such as: Accessibility, PCI-DSS and GDPR.
• Understand how to recognize and mitigate application security risks for example by training the developers in secure application programming, for example OWASP.
• Be active in the problem management process to make sure that incidents do not re-occur and that security threats are treated proactively.
• Train the teams’ developers in security awareness and other modern practices related to DevSecOps.
• Spend time to deep-dive with the teams for whole sprints (or more) to share knowledge and best practices and give the teams a boost in security and development practices.
• Give advice and assist the implementation of department-wide tooling for CI/CD, automation, and security-related tools.

The work needs to be performed on-site initially and in due time work can be done remote/from home office.

PLEASE NOTE: The client needs CV’s in English.

Skallkrav

Experience from coaching and leading teams
Experience from using regulations and translate them into working software (E.g. Accessibitilty, PCI-DSS and GDPR)
Experience from recognizing and mitigating application security risks
Experience in training developers in security awareness
Experience in working proactively in order to prevent security threats

Börkrav

Övriga krav

Bifoga CV i Wordformat under fliken Dokument. CV:t är en viktig del i utvärderingen av konsulten. Det ska tydligt visa att konsulten har den kompetens och erfarenhet som efterfrågas för det aktuella uppdraget.
Offert för detta uppdrag måste skickas in via KeySourcingTool. Svar via mail kommer att få begränsad feedback.
Beskriv gärna kort i ”Kommentar” vid de olika kraven hur konsulten uppfyller dessa.

Personliga egenskaper

Noggrann /Meticulous
Självgående / Self-motivated
Teamplayer /Team Player
Kommunikativ /Communicative
Analytisk /Analytical
Flexibel /Flexible
God social förmåga /Good Social Skills
Självständig /Independent
Driven /Driven

Övrig information

Initially a 6 month assignment with good chances of extension.

 


 

Att offerera på detta uppdrag

OFFERERA PÅ DETTA UPPDRAG VIA KEYSOURCINGTOOL (Prioriterad)

Mailofferter ska innehålla följande information

  1. Konsultens CV bifogat (helst i Wordformat)
  2. En kortfattad summering (ska beskriva konsultens kompetens jämfört med uppdragets krav och behov)
  3. Konsultens timarvode (SEK exkl moms)
  4. Konsultens tillgänglighet (Startdatum och omfattning)
  5. Bekräftelse på att ni accepterar, GDPR och “KeyMans allmänna villkor”

OFFERERA PÅ DETTA UPPDRAG VIA E-POST
OBS! Begränsad återkoppling erhålls för offerter som kommer via e-post.


 

Tillbaka till aktuella uppdrag