Devsecops Advisor - London, United Kingdom - Fruition IT

Fruition IT

Verified Company

London, United Kingdom

2 weeks ago

Posted by:

Tom O´Connor

beBee Recruiter

Description

Job DescriptionOur client is a FTSE 100 media company who is currently undergoing a significant transformation to modernise their ways of working and is investing significantly in the creation of a new Cyber Security team.

The DevSecOps Security Advisor reports to the Senior DevSecOps Advisor and will act as the primary interface between the Cyber Security team and allocated business areas operating in the DevOps space.

As part of a team of 4, you will be responsible for driving the delivery and adoption of cyber security services within those operating companies as allocated.

You will be required to build strong professional relationships and become a trusted advisor on all matters security-related to key stakeholders including CIOs, Business Leads, Operational Assurance Leads, and others.

The DevSecOps Advisor will have proven experience in driving a security-as-code culture within the business and implementing best practices in infrastructure and software security across their platforms.

Applicants will be used to working proactively to identify vulnerabilities within CI/CD pipelines, collaborating with engineering teams, and coaching teams on cyber-security best practices.

You will successfully promote the further adoption of centralised security services and drive consistency and continual improvement across our business areas.

What you'll be doing:

Support the Senior DevSecOps Advisor in the uptake and delivery of centralised security services
Oversee the improvement and standardisation of security controls
Collect, aggregate, interpret, and present security metrics to aid management reporting
Drive compliance to relevant security charters, policies, and standards across the business

What you'll need:

MSC Information Technology degree (desirable but not essential)
CISSP or similar
35 years of experience working in a DevOps engineering environment.
Usage of CI/CD processes including the integration of security & quality tooling.
Knowledge of DevOps processes and tools (Ansible, Jenkins, Git, Azure DevOps)
Security Scanning tools (Static Code Analysis, Opensource, and Container Scanning tools).
Proficient understanding of code versioning tools
A broad understanding of cyber security capabilities, tools, processes, and frameworks
Be versatile and proactive
Be able to influence internal and external stakeholders
Able to manage multistakeholder projects and overcome challenges
Have excellent analytical, diplomatic, and communication skills

This company is based in London as usually asks that you attend the office once per month.

We are committed to creating a diverse and inclusive workplace and encourage applicants from all backgrounds to apply.