Senior DevSecOps Engineer

Company:  Prudential
Location: Newark
Closing Date: 24/10/2024
Salary: £125 - £150 Per Annum
Hours: Full Time
Type: Permanent
Apply Now
Job Requirements / Description

Your Team & Role

As a DevSecOps Engineer at Prudential, you will play a critical role in shaping and maintaining the company's security posture. Your responsibilities will include providing insightful feedback and advice to our security and GRC teams regarding enterprise standards. You will also be tasked with implementing and managing the necessary tools and policies to ensure that these standards are consistently monitored and enforced. Furthermore, you will also work closely with our development community, gaining a deep understanding of their security challenges. You will be at the forefront of our security efforts, bridging the gap between development and security. This role requires an understanding of security and a focus on execution to safeguard Prudential's digital assets.


Here is What You Can Expect on a Typical Day:

  1. Continuously improve the security postures of applications, containers, cloud, and data.
  2. Advise enterprise teams developing standards for security, quality, and controls.
  3. Implement prevention/detection/remediation policies.
  4. Empower developers to understand and manage their security issues.
  5. Develop process workflows to ensure security issues are properly resolved.
  6. Generate security benchmarks and audit reports.
  7. Partner with security vendors to enhance their products.
  8. Bring awareness to emerging technologies and threats.

The Skills & Expertise You Bring

  1. Bachelor of Computer Science or Engineering or experience in related fields.
  2. Strong technical foundation with experience in several of the following:
    1. 3+ years in software engineering, devops, and/or security.
    2. Experience in one or more of the following languages: Python, Javascript, Go, or Rust.
    3. Experience with Policy-as-Code and querying languages: GraphQL, Rego, Sentinel, HCL, OVAL, CodeQL, datalog, Kusto.
    4. Familiarity with API development and 3rd parties integration.
    5. Familiarity with different types of infrastructure: servers, serverless, containers, cloud, networking, mobile.
    6. Familiarity with system architectures: Monolithic, event-driven, n-tier, microservices, MVC, distributed.
  3. Security Domain Knowledge:
    1. Thought leadership and publishing policy or research briefs.
    2. Knowledge of application security specific topics: SDLC, DevSecOps, IAM, cloud/mobile/container security.
    3. Experience managing security tools: SAST, SCA, DAST, xSPM, secret scanners.
    4. Familiarity with security data sources and formats: CVE, CWE, CPE, SBOM, VEX, CVSS, CAPEC, SARIF, CycloneDX.
    5. Familiarity with industry standard security frameworks: SOC2, NIST, ATT&CK, CIS, ISO 27001/27002.
    6. Familiarity with common identity standards and formats: SAML, OAuth, SCIM, LDAP, JWT, Kerberos, OpenID.
  4. DevOps Knowledge:
    1. Implemented a DevOps pipeline and experience with tooling.
    2. Understanding of Agile methodologies.
    3. Experience in process engineering and developing workflows.
    4. Strong background with git including merging and branching strategies.
    5. Ability to document user guides, bugs/defects, features, and SOPs.
    6. As-Code Patterns: Infrastructure, Configuration, Security, Policy, Docs, Pipeline, Identity.
  5. General Skillsets:
    1. Collaboration within a scrum team, development community, and decision-makers.
    2. Excellent problem solving, communication, and collaboration skills.
    3. Strong customer service and value-oriented mindset.
    4. Strong written and verbal communication skills, including the ability to effectively communicate complex issues to both technical and non-technical users.
    5. Strong time management and organizational skills.
    6. Strong initiative, interpersonal and problem-solving skills with a strong desire to learn.
    7. Ability to create excellent working relationships within and across teams.

    Preferred Qualifications

    1. Financial/Insurance industry experience is a plus, not a must.

    You’ll Love Working Here Because You Can

    Join a team and culture where your voice matters; where every day, your work transforms our experiences to make lives better. As you put your skills to use, we’ll help you make an even bigger impact with learning experiences that can grow your technical AND leadership capabilities. You’ll be surprised by what this rock-solid organization has in store for you.


    Note: Prudential is required by state specific laws to include the salary range for this role when hiring a resident in applicable locations. The salary range for this role is from $105,100.00 to $156,500.00. Specific pricing for the role may vary within the above range based on many factors including geographic location, candidate experience, and skills. Roles may also be eligible for additional compensation and/or benefits. Eligibility to participate in a discretionary annual incentive program is subject to the rules governing the program, whereby an award, if any, depends on various factors including, without limitation, individual and organizational performance. In addition, employees are eligible for standard benefits package including paid time off, medical, dental and retirement.

#J-18808-Ljbffr
Apply Now
Apply Now
Share this job
Prudential
Useful Links
More Jobs in Newark
Full Time Jobs in Newark
Part Time Jobs in Newark
Management Jobs
Engineering Jobs
An error has occurred. This application may no longer respond until reloaded. Reload 🗙