New

DevSecOps Engineer

Hajar Excel

Sana'a

Posted: 04 May, 25

Deadline: 24 May, 25

Job Description /الوصف الوظيفي

About Our Client

One of our clients, “A company in Yemen", is seeking to recruit a highly qualified employees where that company always relies on the recruitment of those with excellent educational qualifications and reputable people, and also to provide exceptional job opportunities.

DevSecOps Engineer

Department: Security and Compliance
Travel Requirement: No
Place: Sana’a Governorate
End Date: 24 May 2025

Summary

The DevSecOps Engineer integrates security into the software development lifecycle, embedding controls in CI/CD pipelines and cloud infrastructure. The role involves automating security testing, managing threat detection tools, and ensuring secure coding practices. Collaboration across development, operations, and security teams is essential to build a culture of security. Strong knowledge of software development, IT operations, and cybersecurity, along with experience in automation and secure cloud design, is key to proactively managing risks and responding to incidents effectively.

Key Duties and Responsibilities

  • Embed security practices into the CI/CD pipeline to ensure secure code deployment.
  • Implement and manage security tools for static code analysis, dynamic application security testing (DAST), and software composition analysis (SCA).
  • Conduct regular security assessments, vulnerability scans and penetration testing on applications and infrastructure.
  • Develop and maintain automated security testing and monitoring tools.
  • Automate security controls and compliance checks within the CI/CD pipeline.
  • Create scripts and tools to automate repetitive security tasks and improve efficiency.
  • Engage with the team in developing in-house tools and solutions
  • Design and implement secure cloud infrastructure using Infrastructure as Code (IaC) tools such as Terraform, CloudFormation, or Ansible.
  • Ensure secure configuration of cloud services and container orchestration platforms (Kubernetes, Docker).
  • Monitor and respond to security incidents related to infrastructure and applications.
  • Work closely with development, operations, and security teams to promote a culture of security awareness.
  • Provide guidance and training to development teams on secure coding practices.
  • Collaborate with stakeholders to define and implement security requirements for new projects.
  • Participate in incident response activities, including investigation, containment, and remediation of security breaches.
  • Develop and maintain incident response plans and playbooks.

Conduct post-incident reviews and implement improvements to prevent future incidents.

Supervisory Responsibilities:

  • Set objectives and targets for the team and track performance against targets.
  • Build and manage the team.
  • Identify training requirements for the team and encourage skill development.
  • Collaborate in the recruitment process, and mentor new team members.
  • Monitor performance and conduct performance reviews for the team.
  • Create career roadmap for the team members.
  • Manage and resolve any conflicts.
  • Ensure proper escalation procedure.

Required Skills

  • Proficiency in scripting languages (e.g., Python, Bash, PowerShell).
  • Experience with security tools (e.g., SonarQube, OWASP ZAP, Nessus, Burp Suite).
  • Knowledge of Infrastructure as Code (IaC) tools (e.g., Terraform, Ansible).
  • Familiarity with version control systems (e.g., Git).
  • Strong problem-solving and analytical skills.
  • Excellent communication and collaboration abilities.
  • Ability to work in a fast-paced, dynamic environment.
  • Strong attention to detail and a commitment to quality.

Education and Experience

  • Bachelor’s degree in Computer Science, Information Security, or a related field. Equivalent experience will be considered.
  • 3+ years of experience in DevOps, security engineering, or a related role. Proven experience with CI/CD tools.
  • Certifications in CKA, CEH, CISSP.

How to Apply /كيفية التقديم

Submission mechanism

Those who meet the above requirements must submit their information under Hajar Excel Website

or our Recruitment Platform HERP: Click HERE.

Ensure to:

  • Add/update your data correctly in the platform HERP.
  • Upload your ID Card (Required)*.
  • Upload your college transcript and certificates (Required)*.
  • All Applications should be in English, other will not be considered*.
  • Candidates who have not applied through HERP will not be considered.
  • Only shortlisted candidates will be contacted after the application submitting deadline.

Important Notes / ملاحظات هامة

Following the instructions on How to apply will always increase your chances of getting your application looked at.

إتباع تعليمات التقديم المذكورة في كل إعلان ستزيد من فرصة النظر لسيرتك الذاتية من قبل الجهة المعلنة

If you're applying by email, make sure you mention the job title in the "Subject" field of your message.

تذكر أن تكتب إسم الوظيفة و موقعها في عنوان البريد عندما يكون التقديم عبر الإيميل

Always tailor your CV and cover letter to match the job requirements to stand out from other applicants.

احرص دائمًا على تخصيص سيرتك الذاتية وخطاب التقديم لتتناسب مع متطلبات الوظيفة للتميز عن المتقدمين الآخرين

Hajar Excel Logo

Hajar Excel

Job Application

Sign in to track your application for this job

Sign in to Track

Time Remaining

0

days left

0
Hours
0
Minutes
0
Seconds
Deadline: May 24, 2025
This job has expired