Analyze your CV for DevSecOps Engineer at Vodacom Tanzania

Role Purpose
The DevOps Engineer is responsible for managing and reducing security risks by developing global security controls across the in house agile development initiatives, as well as integrating security into our DevOps pipelinesThe incumbent is responsible for undertaking extensive security assessment and evaluation of the technology platforms deployed/built in house to ensure the expected security risk reduction.




Key Accountabilities


Impact on the business

Help to build tactical practice to integrate cybersecurity into the organizational adoption and improvement of agile practices.
Provide engineering designs for new software solutions to help mitigate security vulnerabilities
Guide team members on secure coding practices.
Perform on-going security testing and code review to improve software security.
Develop procedures to automate security tasks which seamlessly integrate into code builds and deployments.
Demonstrate attacks in applications and coordinate Risk mitigation for new and production systems
Provides real-time reporting of product and service vulnerabilities across the business.
Advocate DevSecOps related Cyber Security baselines (CSB) and ensure strategic aligned controls are implemented.
Document implemented security controls
tay current on security industry trends

Leadership and Teamwork

Drive Security Chapter Leadership, train and develop security Champions in each squad
Partner with Solution design and Engineering teams to create, implement and apply DevSecOps principles, processes and culture that are consumed by delivery teams.
Provide input to Security Policies and requirements on Technology security methods and technologies
Provide mitigation strategies of various security risks or gaps in DevOps landscape. 





Cont: Key accountabilities


Customers, supplier and third parties

Ensure compliance with Legal and Regulatory requirements.
Fulfil Key Customers obligations and Stakeholders expectation.
Ensure latest security measures are implemented across all internal and External systems integrations.Communication
Ensure Cyber Security requirements are documented and communicated in a manner that can be well understood by design and engineering teams.
Act as SPOC for Vodacom Tanzania in all group Security Chapter meetings.
Assess, Identify, document and communicate Risks with Agile environment in a manner that can be well understood by Management, design, engineering and Operations team. 





Competencies, Knowledge, experience & Qualifications


Core competencies, knowledge and experience 

DevSecOps culture, processes, and tools
Agile delivery using Scrum or Kanban methodologies
Secure CI/CD implementations
Cyber Security and Risk Management skills
Strong understanding on OWASP Web Application Security Risks.
Unit, integration, smoke and static code analysis testing
Architectural element testing e.g. APIs
Expertise in multiple programming and markup languages, such as HTML, CSS, JavaScript/Native                        script, Android, Java,PhP, Ruby, SQL, XML, JSON, C and Python, 
Cloud technologies AWS, GCP, micro-services architectures, API etc
Knowledge of Operating systems such as LINUX,Windows etc.
Flexibility & quick learner
Strong problem solving 
Strong communications skills
Business acumen

Must have technical / professional qualifications: 

Bachelor’s Degree in Computer Science, Information Systems, or other related field
2 -3 years’ in Cyber security and software development experience 
Efficient coding, scripting and automation skills
Security certifications (OSCP, OSWE, CEH or equivalent) will be added advantage





Skills


Security
Risk and Compliance