DevSecOps Specialist | Prague | Contract 11 000 CZK MD

We are the European size ICT holding founded by KKCG investment group. We are provide a comprehensive portfolio of services, ranging from ICT architecture design, infrastructure and cloud services, and the implementation of enterprise management applications to the development of proprietary extensive software solutions and outsourcing.

The European Union Agency for the Space Program (EUSPA) is, among other things, responsible for developing the Egnos and Galileo navigation system, the Copernicus program, and more. And you can be a part of EUSPA!

We are looking for an experienced IT specialist in the field of cyber security to join the EUSPA infrastructure management IT team.

What will be your task:

• Ensuring the security of the EUSPA DevOps environments and CI\CD pipelines
• Providing leadership in the DevSecOps areas of Container Security, Cloud security, API Security, Vulnerability Scanning, Certificate Management, Secrets Management, Data Analysis of security monitoring outputs, coordination of Remediation Patching, and other daily Security and Compliance efforts. Cooperate on integration of software development projects into EUSPA infrastructure
• Defining compliance requirements based on Policies and Standards
• Support the Security Automation and infrastructure as code
• Develop an automated security framework for robust deployment tools and processes, leveraging various scripting languages and open and closed source solutions
• Ensuring proper documentation of the processes and systems

REQUIREMENTS:

• Good knowledge of DevSecOps, security best practices / standards/principles such as Information Security frameworks/standards (i.e. CIS, NIST, RFC2196, etc).
• Networking experience/knowledge and broad understanding of network protocols and services (e.g. FTP, HTTP, SSH, SMB, LDAP)
• Experience coordinating and performing vulnerability assessments through the use of automated and manual tools (e.g. Tenable, Clair, Sonarqube, NMAP, etc).
• Coordination and remediation of vulnerabilities within established timeframes.
• Proficiency in Python, Bash and/or other programming and scripting languages.
• Comprehension in the security areas of Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, Security and Monitoring tools, etc.
• Knowledge of Windows and Linux patch management and related information security functions (authentication, encryption, iptables, SSL, Ciphers, etc)
• Ability to work with APIs and Plugins to integrate security tools into established CI/CD pipelines
• DevOps Automation: GitHub/Gitlab, Azure DevOps, Jenkins (any), Helm charts
• Knowledge of Kubernetes, Docker, container orchestration platforms (OpenShift, Rancher), container image registers (dockerhub, harbor)
• Knowledge of Secret Scanning, Secure code analysis, Dynamic Application Security Testing, Static Application Security Testing tools, Container Scanning, Infrastructure as Code Scanning