Company Description
Here at esure, we're no strangers to change. As one of the industry leaders in the insurance business, striving to become a world class digital insurer, we're getting ready for more. It's creating great new opportunities for innovative and talented industry professionals to join us at a pivotal point in our development.
Job Description
We currently have a fantastic opportunity for a DevSecOps Engineer to join our team. You will be responsible for protecting esure's information systems and networks from security breaches and cyber threats by responding to security events, conducting improvements and assessments.
What will my role entail?
1. Key member of a multi-disciplined, high performing DevSecOps team accountable for managing the security and networking integration across esure.
2. Network Firewall Operations: Setting up new firewalls and firewall rules in Fortigates.
3. Security Integration: Embedding security tools and practices into the DevOps workflow specifically on the CI/CD pipelines to automate security checks.
4. Vulnerability Management: Managing software vulnerabilities using tools such as Wiz, Sonarcloud, Cobalt and other DevSecOps tools.
5. Configuration Management: Detecting cloud and Kubernetes misconfiguration and building correct configuration guidance for DevOps and Developers using tools like Terraform.
6. Reporting: Build reports detailing KPI trends, and the overall security health of the organisation.
7. Training and Education: Provide advice and training to staff to raise awareness of information security and promote good security practices.
Qualifications
1. Demonstrated ability within a Networks team.
2. Ability to setup and maintain Fortigate NGFW.
3. Committed to upskilling in all facets of cloud including networking, security, infrastructure setup and management.
4. Ability to analyse and generate Network Packet Captures.
5. Comfortable setting up and maintaining IPSec VPNs and SSL VPNs.
6. Proficient in resolving network issues.
7. Ability to quickly research and learn new DevSecOps tools and techniques.
8. Solid grasp of cloud platforms and their network and security features.
9. Exposure to at least one programming/infrastructure as code language e.g. Python and Terraform.
10. Basic understanding and hands-on experience in Cloud Networking.
11. Basic knowledge of Cloud architectures and willingness to learn more about cloud.
12. Experience working on technical projects within a cross functional team.
We'd also like to hear if you have...
1. Familiarity with security tools such as static code analysis (SAST), dynamic analysis (DAST), and vulnerability scanners.
2. Past experiences of security automation including roles like security engineering and security operations. Past security internships are also considered.
3. Knowledge of containerization and orchestration tools like Docker and Kubernetes.
4. Superb communication skills, both written and oral, with the ability to communicate security-related concepts to a broad variety of technical and non-technical staff.
5. Hands-on experience with AWS, Azure, plus Windows and Linux operating systems.
We'll help you gain...
1. Professional growth and progression opportunities include roles such as Security Architecture and Senior DevOps or Senior DevSecOps Engineer.
Additional Information
This is your opportunity to be at the forefront of our game-changing journey and be part of something truly special!
We understand some people may not apply for jobs unless they tick every box. If you are excited about joining us and think you have some of what we are looking for, even if you're not 100% sure we would love to hear from you.
#J-18808-Ljbffr