30+ days ago



Location: Prague, Ireland, Rest of Europe



Key Responsibilities:


Profound expert knowledge of Web systems especially CMS (Mobile, Web, API, Microservices and Database)

·        Hands on knowledge on Web security modules and secure configuration

·        Profound knowledge on Role Based Access Control (RBAC) for Web applications

·        Configure and implement SCM gitflows and CI/CD tools as per architecture

·        Integrating security into build automation, deployment automation, test automation, SDLC orchestration, environment management, monitoring, and production

·        Support the engineering teams in growing and maintaining the Infrastructure as code / Continuous Integration / Continuous Delivery

·        Support build and release processes for multiple solution layers including front-end (Mobile and Web), API, Microservices and Database, for dev, test, and production servers

·        Mentor development teams, review pull requests, and guide evolution of the development pipeline


Background & Knowledge


Must have a solid exposure to web security and coding standards

·        Knowledge in managing, securing and preparing Dev, Test and Production environments

·        Experience with multiple Application Security Tools (SAST, DAST, IAST, MAST Security Static/Dynamic code analyses and Interactive application security testing) and the integration into the SDLC via CI Automation and Integration (focus on SAST using Checkmarx)

·        Familiar with ISMS(ISO/IEC 27000), NIST Cybersecurity Framework, CIS Controls and Open Web Application Security Project

·        Experience with modern application packaging, deployment, containerisation, bug tracking tools and other supporting tools (TeamCity, Jenkins, Docker, Kubernetes, Jira, Confluence, etc.);

·        Strong RESTful API development. API Gateway knowledge is a plus

·        Experience and solid knowledge on computer and network security

·        Hands-on experience and proficiency in API test automation and standardisation

·        Must have practical experience managing Agile Release Management and maintaining a scalable SDLC

·        Must have administered and automated practical solutions for SDLC and Release management through CI/CD and related tools including but not limited to: Bitbucket, Jenkins, Maven, Nexus, Artifactory, SonarQube, Jira, Confluence, and collaboration tools such as MS Teams or Slack;

·        CISSP certification highly appreciated

·        Drupal or other related Web CMS Experience is highly preferred.

Source: Recrucial