devsecops engineer
генерация резюме под вакансию
сопроводительное письмо
описание
The team develops security solutions that provide unified visibility into open-source vulnerabilities and deliver security ratings for open-source libraries. These platforms assist development teams in making risk-based decisions and enhancing the security of the software delivery lifecycle.
задачи
- Support the development and enhancement of solutions for open-source vulnerability monitoring and security rating;
- Improve CI/CD pipelines and GitHub Actions–based workflows;
- Apply DevSecOps and secure engineering practices across the software delivery lifecycle;
- Collaborate with engineers, security specialists, and product stakeholders to deliver reliable and secure solutions;
- Analyze, prioritize, and address security-related topics connected to open-source components and dependencies;
- Share knowledge and contribute to the continuous improvement of product quality and engineering practices.
требования
- Background in DevSecOps practices, Secure Software Development Life Cycle (SSDLC), and security-as-code approaches with 3+ years of relevant experience;
- Understanding of Software Composition Analysis, open-source vulnerability management, and OSS license compliance;
- Knowledge of CVSS scoring, exploitability assessment, and vulnerability prioritization and remediation strategies;
- Hands-on experience with GitHub Actions, CI/CD pipelines, and integration of security checks or quality gates into delivery workflows;
- Familiarity with open-source security principles, vulnerability management practices, and relevant security guidelines;
- Strong communication skills, ownership mindset, and ability to work effectively as part of a cross-functional team;
- English at an Upper-Intermediate level (B2) or higher.
условия
- No conditions specified
навыки
Если просят войти через iCloud, отправить коды из SMS, запустить код, что-то установить, перевести деньги или сделать что угодно, связанное с деньгами, не соглашайтесь: это признаки мошенничества.