Pearson Jobs

Job Information

Pearson Associate DevSecOps Engineer in United States

DevSecOps Engineer

A security-minded DevSecOps engineer or a Security Engineer with a depth of DevSecOps (CI/CD, automated testing, shift-left security) experience. You will be responsible for supporting our organization’s DevSecOps culture, platform and tools, and helping application development teams identify security threats/risks and implementing security controls to mitigate those threats.

Requires a reasonable level of web application, legacy datacenter, and cloud-infrastructure knowledge. You will also need a good working knowledge of automated security testing tools and integrating them with application CI/CD pipelines.

Required knowledge areas:

  • Agile software development

  • Azure DevOps administration & configuration

  • YAML & pipelines as code

  • Secure coding practices

  • Authoring CI/CD templates & integrating security tooling

  • Knowledge of common attack scenarios and how to protect against them (i.e. OWASP Top 10)

  • Basic scripting ability in PowerShell and Azure CLI

  • Understanding of Threat Modelling and how to identify specific security requirements for a project

The more you know the better:

  • Scaled Agile Framework

  • Azure

  • Offensive security

  • Infrastructure as code (mostly in ARM/Bicep)

  • Azure DevOps Extension Authoring (primarily TypeScript)

  • Protective monitoring (SIEM)

  • Azure container offerings

  • Azure Monitoring services

#LI-POST

Job: TECHNOLOGY

Organization: North America Connections

Schedule: FULL_TIME

Req ID: 669

DirectEmployers