Architect (DevSecOps) @ Akamai
(práce v Polsku)

Architect (DevSecOps) @ Akamai

Polsko

• Have hands-on Product/Application Security experience
• Have proven expertise in SSDLC, secure design, and secure coding practices
• Be hands-on with SAST, DAST, SCA, IAST, and container security tools
• Show familiarity with vulnerability classification frameworks (CVSS, CWE, OWASP Top 10) and risk-based remediation approaches
• Possess working experience with GitHub/GitLab/Bitbucket, Jira/ServiceNow, and CI/CD pipelines
• Understand cloud-native environments, Docker, and Kubernetes
• Communicate clearly across engineering, product, and infosec teams
• Be a problem-solver who balances security and business needs

The Product Security team integrates security practices into Akamais software development lifecycle at every stage. Vulnerabilities are identified, prioritized, and resolved pre-production to ensure secure and reliable solutions. Collaboration with product, engineering, and infosec teams enables risk-based remediation and scalable processes. These efforts safeguard customers and the business while supporting innovative software development.

This position supports Akamais product and engineering teams in enhancing the Secure Software Development Lifecycle (S-SDLC). Responsibilities include threat modeling, addressing security findings, and directing remediation within CI/CD workflows. Security integration at scale is essential to ensure applications achieve optimal reliability and trustworthiness.

,[Integrating security practices into the SSDLC across multiple product teams, Performing threat modeling, design reviews, and secure code reviews, Triaging and prioritizing findings from SAST, DAST, SCA, secrets scanning, and container security tools, Partnering with developers and DevOps engineers to guide remediation and validate fixes, Creating and maintaining security standards, developer guidelines, and policies, Driving the integration of security tools into CI/CD pipelines and build workflows, Participating in incident response activities and supporting post-incident reviews, Communicating risks and remediation strategies effectively to both technical and non-technical audiences] Requirements: SSDLC, SAST, DAST, GitHub, GitLab, Bitbucket, Jenkins, ServiceNow, CI/CD Tools: Jira, GIT, Agile. Additionally: Private healthcare, Small teams, International projects, Home Office Budget, Free coffee, Gym, Canteen, Bike parking, Playroom, Shower, Free parking, In-house trainings, In-house hack days, Modern office, Startup atmosphere, No dress code.

Kategorie

devops

Odpovědět na inzerát