Senior DevSecOps Cloud Architect Acton Support Centre (123) 20626 | Dixons Carphone Careers

Senior DevSecOps Cloud Architect

IT

Job Number: 20626

Location: Acton Support Centre (123)

Contract: Full Time / Permanent

Description


Reporting to the Head of Digital Defence, our Senior DevSecOps Cloud Architects are responsible for working with project and operational teams to ensure security is embedded within application and system development.

The role will require a diverse background in security, IT operations, risk management, software development and operational assurance through adherence to internal policies and relevant compliance standards. It requires establishing good working relationships with different areas of the organization including architects, technical designers and product or service owners as well as build and test teams.

 

Responsibilities

  • Review data flow diagrams, design and architectural documentation to provide security oversight on requirements, input and potential risks.
  • Support IT and Business transformation projects by ensuring they are risk-assessed, and that controls and security requirements are met through the transformation lifecycle, including compliance requirements such as ISO 27001 and PCI-DSS.
  • Support security risk management by identifying and analysing potential risks within development processes and outputs. Ensure that appropriate reporting, management and mitigation actions are in place.
  • Work in conjunction with assurance teams to support the improvement of application and system development across DCG.
  • Support the Security Testing team in the scoping, management and related remediation activities arising from penetration testing and vulnerability management processes.
  • Attend business governance meetings as required representing the Information Security team.
  • Develop information security processes and procedures in conjunction with business and IT stakeholders and ensure these are embedded into BAU activity.
  • Be the “go-to” SME for security, business and technical teams (both internal and external) that require support, and broadly share related Dev-Sec-Ops updates from across industries.

 


Required Skills & Experience

  • Proven practical experience in Cloud Computing (Azure, AWS, GCP, IBM) with knowledge of Containerization technologies (Kubernetes, ECS, Docker) and configuration management (Helm, Ansible, Packer, Azure Automation). 
  • Experience of setting up HA cloud environments with Terraform and ARM.  
  • Good knowledge of traditional IaaS IT Security Devices running as VMs.
  • Linux Admin knowledge of RedHat, SUSE and other distributions. Windows Server knowledge. Working with CIS hardened images. Admin knowledge of Nginx, IIS, Apache, NodeJS, BIND, DHCP, OpenSSL, Windows Firewall and iptables.
  • DevOps / SRE mentality and related working practices. Practical experience of securing pipelines with Container Scanning (Clair), DAST (ZAP), SAST. Secrets management and vaulting.
  • Working with CI & CD toolsets such as Jenkins, GitLab-ci, Azure DevOps-ci. Working in GitLab, Bitbucket and GitHub SCMs with the ability to mentor others from scratch.
  • Experience of AD, ADFS, Azure AD, OpenID Connect, OAuth, claims and RBAC.
  • Experience across Security Governance and Security Assurance.  
  • Ability to explain and present technical security risks to a wide variety of business, technical and non-technical stakeholders.  Strong documentation skills in Confluence and Jira.
  • Ability to use SME knowledge to influence security good practice behaviours within Dixons Carphone.  Demonstrate vulnerabilities with Fortify, Burp, Postman and other tools.
  • Intermediate Software Engineer preferably with experience in some of the following: PHP, JS, Java, Bash, Python, Terraform, ARM.