Should be educated to degree Level in Digital Forensics, Information Security, DevOps or an IT related discipline
Should hold relevant industrial security / DevSecOps / DevOps certifications, or willingness to acquire
Provide security services and support for Prudential's business groups. Interact directly with Prudential colleagues globally to perform DevSecOps services. Will be responsible for implementing, integrating, and testing of security scan automation features in CI/CD pipelines
Skills:
Familiar with Jenkins based CI/CD Pipelines
Working experience to implement and test automation scripts and setups
Familiar with integrating security tools and providing vulnerability assessments. Leveraging tools such as Burp Suite Enterprise, Checkmarx, NowSecure, OWASP ZAP
Understanding of OWASP Top 10 and SANS Top 25 vulnerabilities and how to remediate
Working knowledge of using API to interact with web services provided by tools
Conduct tool evaluations and build proof of concepts
Integrate with reporting tools to provide consolidated view
Ability to turn technical standards into working practice
Assist in driving consistency and standardization of DevSecOps services across the enterprise
Strong Automation, IaC skills (Ansible, Python).
Maintain documentations and user guides
Knowledge of security within cloud environment, especially around networking, security and administration
A motivated and flexible approach to work in an adapting fast-moving Agile environment utilizing technology and tools such as Jira, Jira Align, Miro, Confluence.
Can demonstrate strong performance ethos and personal commitment for outstanding customer service
Ability to interface with both technical and non-technical teams
Willingness to train and upskill on a continuous basis
Excellent communication, time management and organizational skills