DevSecOps Specialist to Integrate Security in CI/CD Pipeline

Featmate Inc.

United Kingdom

On-site

GBP 60,000 - 80,000

Full time

30+ days ago

Job summary

A technology company is seeking a DevSecOps Specialist to enhance security in their CI/CD pipeline. The role involves embedding security tools, automating vulnerability scanning, and creating best practices documentation. Ideal candidates will be experienced in DevSecOps principles and possess a proactive approach to preventing security vulnerabilities early in the software development lifecycle.

Qualifications

  • Proven experience with DevSecOps principles.
  • Strong knowledge of CI/CD tools like Jenkins.
  • Ability to create documentation on security measures.

Responsibilities

  • Analyze the existing CI/CD pipeline for security vulnerabilities.
  • Integrate automated security scanners into the pipeline.
  • Create a detailed plan for security integration.

Skills

  • DevSecOps principles
  • Security scanning tools (e.g., SonarQube, OWASP ZAP)
  • Secrets management (Vault, AWS Secrets Manager)
  • CI/CD tools (e.g., Jenkins)
  • Proactive mindset

Job description

DevSecOps Specialist to Integrate Security in CI/CD Pipeline

Aug 2, 2025 - Senior

$3,500.00 Fixed

Project Overview:

We need a DevSecOps specialist to embed security tools and practices directly into our CI/CD pipeline. The project's goal is to identify and address security vulnerabilities early in the development lifecycle, shifting our security approach from reactive to proactive.

Business Problem:

Security is currently handled late in our release cycle, leading to costly and time-consuming fixes. We need to prevent vulnerabilities from reaching production and make security an integral part of our development process.

Business Path After Completion:

Our software delivery will be more secure by design. The development team will receive instant feedback on security vulnerabilities, reducing the time and effort spent on remediation. This will lead to a more secure product and increased customer trust.

Freelancer Responsibilities:

  • Analyze the existing CI/CD pipeline for security weak points.
  • Integrate automated security scanners (SAST, DAST, SCA) into the pipeline.
  • Implement a secrets management solution (e.g., HashiCorp Vault) to secure credentials.
  • Configure automated vulnerability scanning for containers and dependencies.
  • Create documentation on the new security measures and best practices.

Required Expertise:

  • Proven experience with DevSecOps principles.
  • Familiarity with security scanning tools (e.g., SonarQube, OWASP ZAP).
  • Experience with secrets management (Vault, AWS Secrets Manager).
  • Strong knowledge of CI/CD tools (e.g., Jenkins).
  • A detailed plan outlining the security integration strategy.
  • A final report on the security improvements.
  • Communication via a project management tool like Jira.

Who We're Looking For:

A security-minded DevOps expert who understands the full software development lifecycle. You should have a proactive mindset and be passionate about preventing security issues before they happen. Your expertise in integrating and automating security tools will be key to the success of this project.

  • A CI/CD pipeline with integrated security tools.
  • A secrets management solution configured for our needs.
  • A security best practices guide for the team.