Senior DevSecOps Architect
A great opportunity for a skilled and experienced Senior DevSecOps Architect at the Director level to join our client's Enterprise Cybersecurity division in Dublin on a permanent basis.
About the Role:
This is an individual contributor role with no people management involved, requiring a very hands-on approach.
You will play a crucial role in developing and implementing security architecture for complex infrastructure and applications in a challenging and exciting business environment.
The company is a leader in their industry and dedicated to protecting customer and enterprise data and assets in a constantly evolving cyber-threat landscape.
Responsibilities:
* Lead the development and implementation of security architecture for complex infrastructure and applications
* Collaborate with product management and engineering teams to develop solutions to critical projects
* Provide mentorship and strategic guidance to partner teams within the division and across the organisation
* Conduct application threat modelling and risk assessments
* Stay up-to-date with the latest threats and vulnerabilities in web, API, and enterprise applications
* Address unique security considerations related to cloud computing and integrate cloud with on-premise services
* Utilise expertise in CI/CD practices, pipelines, and build tools
* Mitigate threats and vulnerabilities to protect customer data and applications
* Conduct secure code review and software composition analysis
* Perform dynamic application security testing, including penetration testing and red team assessments
Requirements:
1. Extensive experience with technical lead/architectural responsibilities in building enterprise web applications
2. Proven leadership skills and ability to mentor and collaborate with application architects, engineering, and product teams
3. Deep understanding of threats and vulnerabilities in web, API, and enterprise applications
4. Extensive technical knowledge of security technologies related to application security
5. Familiarity with cloud architectures, including SaaS, PaaS, and IaaS, and their unique security considerations
6. Experience with application security products and solutions for secure code review, penetration testing and Red Team assessment.
7. Experience in AppSec Testing (SAST, DAST, SCA, IAST).
8. Experience in DevSecOPS (CI/CD, Automation) and common code vulnerabilities (XSS, SQLI etc) in popular programming languages and open-source packages (Java, NodeJS, Spring, etc)
9. Working knowledge and experience with