VACANCY – DevSecOps Engineer
Your opportunity to join a leader in cyber security
Job Title: DevSecOps Engineer
Reporting to: Engineering Manager
Issued: March 2021
Nexor is a well-established business that has been successful in the Defence and Security market since 1992. Our secure information exchange solutions have been deployed by more than twenty-five different nations around the globe and as part of the National Cyber Security Centre (NCSC) High Assurance community, we fully support the HMG mission to make the UK the safest place to conduct business online.
This success in the defence and security market has been built on our ability to build great technology and service solutions that not only address the customers’ needs, but helps drive the organisations capabilities forward securely, whilst respecting the commercial and social requirements of today`s world.
Looking forward, Nexor are working to secure future enabling technology through expansion into the Autonomous Vehicles, Fintech, Blockchain, Cloud and Crypto Currency environments.
We hold several accreditations ISO9001 (Quality Management System), ISO27001 (Information Security) IIP Gold Standard and Cyber Essentials Plus. We are the British Standards Institute’s reference enterprise for TickITplus, the software development extension to ISO9001.
So, as an SME, we are well respected in our industry, with agile capabilities that enable organisations and businesses to work securely, be that working direct, as lead Technology Architects or in partnerships that empower our customers to achieve their goals.
Main Purpose of Job
To build, test and maintain the infrastructure and tools to allow for development and release of software, containerising software and integrating security practices at every phase of software development.
Key Tasks and Responsibilities
- Build and set up new development tools and infrastructure to provide a security environment within which an Agile approach to development can operate.
- Identify and incorporate security practices into the software build mechanism and engineering development infrastructure, including control of containerised areas, automating as appropriate.
- Develop and test installations for Nexor products ensuring adequate levels of security; release products to internal and external customers, ensuring quality standards and specifications are met.
- Incorporate threat analysis and vulnerability scanning and patching into the release cycle to ensure common vulnerabilities and exposures are minimised.
- Ensure that all the product build materials, e.g. installations, source code, and documentation, are appropriately backed up and archived.
- Develop and maintain installation packages for all relevant products, ensuring that installations do not adversely affect other products.
- Ensure systems and software are compliant through patch management
- Manage solution releases and packaging for both internal and external environments through a variety of media.
- 5+ years proven experience in DevSecOps.
- Knowledge of DevSecOps tools and practices, including Git, Kubernetes, Docker and Jenkins.
- Experience in AWS, containers, orchestration, registries, networking and networking protocols.
- Understanding of threat modelling and risk assessment techniques.
- Comfortable in leading and driving implementation in this area.
Nexor encourages an open and participative approach to both business and social activities. As a Gold standard Investor in People, you will have a structured career path which actively supports your career development. Nexor will provide an attractive remuneration package and excellent future career prospects.
The successful candidate will be expected to be able to obtain UK SC security clearance.
If you are interested in applying, please send a copy of your CV with a covering letter outlining why this would be the ideal opportunity for you, by email to firstname.lastname@example.org
RECENT BLOG POSTS
Information Security is at a crossroads; we have more and more tools available to mitigate attacks but the number of security incidents such as data breaches is on the rise - why is this? Everyone thinks they know what they should be doing when it comes to information...
Going through Scrum Master training gave me one of the greatest leadership tools I’ve ever received, one that I use on a daily basis within my role as a Product Manager, but also as a leader in my organisation and in the wider community. It's a mindset that's called...
Are We Looking for Unicorns Are we looking for realistic combinations of skills and certifications in cyber security recruitment, or are we looking for mythical candidates who, like unicorns, simply don't exist? That was the question posed on Monday 8th February,...
Be the first to know about developments in secure information exchange