DevSecOps Consultant

devsecops-consultant

Description

Kloia is a recognized AWS Partner with a deep focus on Application Modernization and Digital Transition projects.

Our teams are growing rapidly and we’re hiring a Site Reliability Engineer mainly for our managed services that we provide to our customers, but also for our internal projects to build a scalable and reliable platform of common services.

What does DevSecOps Consultant do?

In Kloia, DevSecOps Consultant works on Security aspects of DevOps and new-era software stacks.

Key parts of this role are to take part in implementing security practices and tools in CI/CD and production runtime environments.

As DevSecOps Consultant you will:

-Identify and implement Security improvements for CI/CD.
-Aware of CISec, CDSec, and Container Security.
-Comply with the “Security-as-code” approach.
-Be working with the security tools in DevOps and Security domain.
-Drive security-related changes on critical systems with a fantastic level of planning and impact analysis.
-Design and implement the security measures and policies in a cloud-native environment.
-Guide and unblock developers across multiple teams and get the right stuff done to push their product forward.

Position: DevSecOps Consultant

Location: Remote - EMEA

What would an average day look like?

As part of the DevSecOps Team, you will commit proactively to follow the latest security practices and tools in the DevSecOps domain. Those include CI/CD and container security tools and practices.

In terms of technical challenges, here are a few challenges our team has solved. If you want to have an idea of what you would work on, give them a try:

How we can convert the security policies to an as-code manner
How to comply with PCI/CSS in a Kubernetes cluster
How can we implement Cloudflare with Terraform
How can we implement the software dependency and docker image security in CI

Although it varies from customer to customer, the typical stack is entirely cloud-native, and it includes technologies such as AWS, Sonatype, Cloudflare, Snyk, Terraform, Docker/Kubernetes, AquaSec.

While we don’t expect anybody to know our exact stack inside out, and you’ll be given training and help during your onboarding to become fully proficient with it, we expect you to already have a deep understanding of how Linux based distributed systems work at scale, and have covered a similar role in the past.

Who should apply?

This role is ideal for somebody who wants to work with cutting-edge cloud infrastructure at scale and be part of a team always open to new ways of working. The ideal candidate will be passionate about automation and making infrastructure more effective, as well as have a natural flair for explaining complicated concepts in a simple and understandable way.

This all sounds great, what's it going to do for my career?

You will be exposed to new technologies in an environment that will allow you to use them at scale. All our products have a global reach, which means that everything we design has to take this into account. Our infrastructure is deployed in multiple AWS regions and it has to stay fast and reliable at all times.

We always try to solve problems at the right level of the stack, so you will have opportunities to develop both development and operations skills.

You will also be encouraged to invest in yourself and keep learning new things. For example, Friday afternoons can be used to work on different projects that are interesting to you. We also have hack days to disconnect from the day-to-day and explore new technologies and techniques.

Requirements

Fantastic communication skills
Deep familiarity with OSI networking, eBPF, and Linux
Experience with the security aspects of CI/CD
Experience defining the security policies
Experience with DevOps practices and culture
A good understanding of security-as-code
An automation mindset

Nice to have

Experience with technologies in our stack is a strong plus, specifically:
A good understanding of Kubernetes
Experience with Terraform or other IaC tools

weoffer-various-benefits-1

Benefits

We have a range of awesome perks and benefits:

- Work from anywhere and anytime concept
- Remote budget which you can buy whatever required to increase your efficiency at your home working area
- Hackathon Days
- Access to AWS and CNCF/Kubernetes Trainings
- AWS and Kubernetes certifications
- R&D focus

We offer an incredible range of perks and benefits. Before the pandemic, we were also following "Work from anywhere" principle, which means you are free to work from your home or from our offices (Workinton). We are always seeking new ways to make remote-work more social, including:

- Weekly Lunch&Learn Sessions
- Weekly OpenCam Sessions
- Virtual Socials
- Online Games