DevSecOps / Application Security Lead / Security Analyst

DevSecOps / Application Security Lead / Security Analyst We are looking for a multi‑role in DevSecOps sector/ Application Security/ Security Analyst for our client. The successful talent will be responsible for ensuring the security of the software applications, identifying and mitigating potential security risks/vulnerabilities, and implementing best practices for application security throughout the software development life cycle. Application Security Architect (DevSecOps) ~ 65-85K Responsibilities Architectural Oversight: Ensure cybersecurity architecture and solutions meet specifications and risk tolerance in application contexts. Support Development Teams: Collaborate with teams on threat modeling, secure coding, and application security tools. Integration Architecture Recommendations: Advise on secure coding, web application firewalls, and CI/CD security measures. Application Security Assurance Tools: Utilize experience with security assurance tools to support developers and enhance application security. Collaboration with Security Engineering: Integrate security solutions into development processes. Requirement Creation and Review: Develop and review security requirements for application projects. System Architecture Review: Conduct security reviews of application designs to meet acceptance criteria. Security Reference Patterns: Create guidelines for secure application development aligned with security policies. Data Security: Review and implement data protection controls across various technologies. Kubernetes/Cloud Security: Enhance security for applications in containerized environments. Application Architecture Understanding: Apply security controls based on application design to minimize risks. Collaborative Project Delivery: Ensure timely delivery of secure applications. Governance Participation: Contribute to application security strategies in governance forums. Qualifications Relevant degree in Computer Science or related field; experience with security frameworks (e.g., SABSA, TOGAF). Cybersecurity certifications (e.g., CISSP, CCSP) are preferred. Significant experience in cybersecurity, application threat modeling, and secure coding (Java, C++, etc.). Familiarity with SAST, SCA, DAST, and DevSecOps practices; experience with automated pipelines. Proficient in automation scripting (Python, APIs); knowledge of IT system management practices. Optional: Experience with Kubernetes security and policy development; familiarity with risk management. Security Analyst (~40-41K) Responsibilities System Monitoring: Oversee the uptime, reliability, stability, and compliance of security systems; collaborate with business units to address any gaps (15%). Anomaly Detection: Identify and respond to network anomalies and malware incidents across various security platforms (20%). DLP Management: Administer and monitor Data Loss Prevention (DLP) solutions for network, host, and cloud environments (15%). SIEM Investigation: Investigate and manage alerts from Security Information and Event Management (SIEM) systems (10%). Email Security: Monitor email and spam filtering systems, addressing any malicious events (10%). Application Oversight: Supervise application whitelisting and file integrity monitoring processes (10%). Compliance Assurance: Ensure cybersecurity configurations meet compliance standards using vulnerability management tools (10%). Vulnerability Management: Oversee the remediation of vulnerabilities and findings from penetration tests (10%). Additional Duties: Perform other tasks as assigned by the Manager of Security Architecture. Requirements Bachelor’s or equivalent degree in Information Systems, Computer Science, or a related field. 2–4 years of experience in IT or cybersecurity roles. Strong understanding of SIEM, IDS/IPS, malware protection, DLP, IAM, vulnerability scanning, and incident response. #J-18808-Ljbffr