VACANCY – DevSecOps Engineer
Your opportunity to join a leader in cyber security
Job Title: DevSecOps Engineer
Reporting to: Engineering Manager
Issued: March 2021
Nexor is a well-established business that has been successful in the Defence and Security market since 1992. Our secure information exchange solutions have been deployed by more than twenty-five different nations around the globe and as part of the National Cyber Security Centre (NCSC) High Assurance community, we fully support the HMG mission to make the UK the safest place to conduct business online.
This success in the defence and security market has been built on our ability to build great technology and service solutions that not only address the customers’ needs, but helps drive the organisations capabilities forward securely, whilst respecting the commercial and social requirements of today`s world.
Looking forward, Nexor are working to secure future enabling technology through expansion into the Autonomous Vehicles, Fintech, Blockchain, Cloud and Crypto Currency environments.
We hold several accreditations ISO9001 (Quality Management System), ISO27001 (Information Security) IIP Gold Standard and Cyber Essentials Plus. We are the British Standards Institute’s reference enterprise for TickITplus, the software development extension to ISO9001.
So, as an SME, we are well respected in our industry, with agile capabilities that enable organisations and businesses to work securely, be that working direct, as lead Technology Architects or in partnerships that empower our customers to achieve their goals.
Main Purpose of Job
To build, test and maintain the infrastructure and tools to allow for development and release of software, containerising software and integrating security practices at every phase of software development.
Key Tasks and Responsibilities
- Build and set up new development tools and infrastructure to provide a security environment within which an Agile approach to development can operate.
- Identify and incorporate security practices into the software build mechanism and engineering development infrastructure, including control of containerised areas, automating as appropriate.
- Develop and test installations for Nexor products ensuring adequate levels of security; release products to internal and external customers, ensuring quality standards and specifications are met.
- Incorporate threat analysis and vulnerability scanning and patching into the release cycle to ensure common vulnerabilities and exposures are minimised.
- Ensure that all the product build materials, e.g. installations, source code, and documentation, are appropriately backed up and archived.
- Develop and maintain installation packages for all relevant products, ensuring that installations do not adversely affect other products.
- Ensure systems and software are compliant through patch management
- Manage solution releases and packaging for both internal and external environments through a variety of media.
- 5+ years proven experience in DevSecOps.
- Knowledge of DevSecOps tools and practices, including Git, Kubernetes, Docker and Jenkins.
- Experience in AWS, containers, orchestration, registries, networking and networking protocols.
- Understanding of threat modelling and risk assessment techniques.
- Comfortable in leading and driving implementation in this area.
Nexor encourages an open and participative approach to both business and social activities. As a Gold standard Investor in People, you will have a structured career path which actively supports your career development. Nexor will provide an attractive remuneration package and excellent future career prospects.
The successful candidate will be expected to be able to obtain UK SC security clearance.
If you are interested in applying, please send a copy of your CV with a covering letter outlining why this would be the ideal opportunity for you, by email to firstname.lastname@example.org
RECENT BLOG POSTS
What does Cyber Essentials cover? Cyber Essentials is a UK Government backed scheme that helps protect your business against a range of the most common cyber-attacks. Cyber-attacks can come in many forms and may be carried out against businesses of any size of...
On Monday 19th April 2021, CIISec Nottingham, Derby and Leicester branch collaborated with BCS Nottingham and Derby to host a virtual event, “Sunburst - A New Dawn”. The event was well attended by nearly 100 security professionals from both organisations. Chairs...
What is Cyber Essentials? Cyber Essentials is a Government backed scheme which provides simple but effective controls to protect your organisation, whatever its size, against a range of the most common cyber-attacks. Why should my business be interested in Cyber...
Be the first to know about developments in secure information exchange