DevSecOps Engineer at Vodacom

DevSecOps Engineer 

Joining Vodacom is more than a job, what we do matters. We don’t just carry minutes, texts and data – we carry people’s lives. And that’s a huge responsibility. If you think for a minute about the people you rely on…the likelihood is they rely on us.

Customers are at the heart of everything we do and we want to make a difference to the lives of our customers, and the communities in which we live and work. We support our people to give something back to the causes that mean the most to them through helping them give time and money to the charities they love.

And what’s it like to work here? We have created an environment where you can look forward to coming to work and are empowered to be at your best. We offer flexibility in how you work that helps you do your job in a way that suits you, opportunities to help you grow and progress throughout your career and a choice of benefits to suit your lifestyle.

Role Purpose

The DevOps Engineer is responsible for managing and reducing security risks by developing global security controls across the in house agile development initiatives, as well as integrating security into our DevOps pipelines

The incumbent is responsible for undertaking extensive security assessment and evaluation of the technology platforms deployed/built in house to ensure the expected security risk reduction.

Key Accountabilities

Impact on the business

• Help to build tactical practice to integrate cybersecurity into the organizational adoption and improvement of agile practices.
• Provide engineering designs for new software solutions to help mitigate security vulnerabilities
• Guide team members on secure coding practices.
• Perform on-going security testing and code review to improve software security.
• Develop procedures to automate security tasks which seamlessly integrate into code builds and deployments.
• Demonstrate attacks in applications and coordinate Risk mitigation for new and production systems
• Provides real-time reporting of product and service vulnerabilities across the business.
• Advocate DevSecOps related Cyber Security baselines (CSB) and ensure strategic aligned controls are implemented.
• Document implemented security controls
• Tay current on security industry trends

Leadership and Teamwork

• Drive Security Chapter Leadership, train and develop security Champions in each squad
• Partner with Solution design and Engineering teams to create, implement and apply DevSecOps principles, processes and culture that are consumed by delivery teams.
• Provide input to Security Policies and requirements on Technology security methods and technologies
• Provide mitigation strategies of various security risks or gaps in DevOps landscape.

Cont: Key accountabilities

• Customers, supplier and third parties
• Ensure compliance with Legal and Regulatory requirements.
• Fulfil Key Customers obligations and Stakeholders expectation.
• Ensure latest security measures are implemented across all internal and External systems integrations.

Communication

• Ensure Cyber Security requirements are documented and communicated in a manner that can be well understood by design and engineering teams.
• Act as SPOC for Vodacom Tanzania in all group Security Chapter meetings.
• Assess, Identify, document and communicate Risks with Agile environment in a manner that can be well understood by Management, design, engineering and Operations team.

Competencies, Knowledge, experience & Qualifications

Core competencies, knowledge and experience

• DevSecOps culture, processes, and tools
• Agile delivery using Scrum or Kanban methodologies
• Secure CI/CD implementations
• Cyber Security and Risk Management skills
• Strong understanding on OWASP Web Application Security Risks.
• Unit, integration, smoke and static code analysis testing
• Architectural element testing e.g. APIs
• Expertise in multiple programming and markup languages, such as HTML, CSS, JavaScript/Native                        script, Android, Java,PhP, Ruby, SQL, XML, JSON, C and Python,
• Cloud technologies AWS, GCP, micro-services architectures, API etc
• Knowledge of Operating systems such as LINUX,Windows etc.
• Flexibility & quick learner
• Strong problem solving
• Strong communications skills
• Business acumen

Must have technical / professional qualifications: 

• Bachelor’s Degree in Computer Science, Information Systems, or other related field
• 2 -3 years’ in Cyber security and software development experience
• Efficient coding, scripting and automation skills
• Security certifications (OSCP, OSWE, CEH or equivalent) will be added advantage

Skills

Security

Risk and Compliance

Commitment from Vodacom

Vodacom is committed to attracting, developing and retaining the very best people by offering a flexible, motivating and inclusive workplace in which talent is truly recognized, developed and rewarded. We believe that diversity plays an important role in the success of our business and we are committed to creating an inclusive work environment which respects, values, celebrates and makes the most of people’s individual differences – we are not only multinational but multicultural too. At Vodacom you will have access to our excellent flexible benefits programme that you would expect from any global company.

CLICK HERE TO APPLY