DevSecOps Engineer / DevSecOps Инженер

• Proven experience as a DevSecOps Engineer, Security Engineer, or DevOps Engineer with a security focus (3+ years)
• Deep understanding of DevOps and DevSecOps principles
• Experience with CI/CD tools (GitLab CI)
• Practical experience with static and dynamic code security analysis tools (SAST/DAST)
• Experience with infrastructure vulnerability analysis tools (Nessus, OpenVAS)
• Knowledge of principles and experience with secrets management systems (HashiCorp Vault)
• Experience with security monitoring systems and SIEM (Splunk)
• Knowledge of network security principles (firewalls, WAF, IDS/IPS)
• Experience with containerization systems (Docker, Kubernetes/OpenShift) and their security
• Knowledge of scripting languages (Python, Bash, PowerShell)
• Understanding of Infrastructure as Code (IaC) principles and experience with relevant tools (Terraform, Ansible)
• Knowledge of key security standards and practices (OWASP Top 10, CIS Benchmarks)
• Experience with version control systems (Git)
• Ability to automate routine tasks
• Strong diagnostic and problem-solving skills
• Ability to effectively interact with development and operations teams
• Proactivity, responsibility, and commitment to continuous development in security

Required language skills:

• Knowledge of Russian and English at a level sufficient for professional communication (written and oral) with clients and developers

Desired skills:

• Experience with security tools for .NET applications
• Experience conducting penetration tests (as an advantage)
• Relevant security certifications (Certified Kubernetes Security Specialist (CKS), CISSP, CEH, OSCP)