Job Description

Techwave, we are always in an exercise to foster a culture of growth, and inclusivity. We ensure whoever is associated with the brand is being challenged at every step and is provided with all the necessary opportunities to excel in life. People are at the core of everything we do.

Join us!

Who are we?

Techwave is a leading global IT and engineering services and solutions company revolutionizing digital transformations. We believe in enabling clients to maximize the potential and achieve a greater market with a wide array of technology services, including, but not limited to, Enterprise Resource Planning, Application Development, Analytics, Digital, and the Internet of things (IoT).

Founded in 2004, headquartered in Houston, TX, USA, Techwave leverages its expertise in Digital Transformation, Enterprise Applications, and Engineering Services to enable businesses accelerate their growth.

Plus, we\'re a team of dreamers and doers who are pushing the boundaries of what\'s possible.

And we want YOU to be a part of it.

Job Title: Dev SecOps Engineer

Experience: 5+ Years

Mode of Hire : Fulltime

Typical Duties and Responsibilities

• Security knowledge capturing and consolidation.
• Collaborating with Client on software application security policies and procedures.
• Providing technical leadership, guidance, and direction to the application security team.
• Collaboration on product conceptualization for security by design - Setting Development Parameters
• Developing and maintaining documentation of application security control.
• Implementing software application security controls.
• Performing application scanning and testing.
• Automation enablement to reduce testing workloads.
• Designing technical solutions to address security weaknesses.
• Analyzing system services and spotting issues in code, networks, and applications.
• Following security best practices in performing tasks.
• Communicating the nature and severity of security concerns to the development team.
• Helping the development team assess and remediate concerns.
• Create, develop, and implement solutions to address infrastructure and security requirements.
• Identify the needs for build automation, designing, and implementing CICD solutions.
• Consult on DevSecOps requirements from diverse application/line of business partners.
• Create plug-and-play/reusable solutions and patterns for CICD pipelines.
• Create, develop, and implement automation and system integration for various build platforms.
• Publish and disseminate CICD best practices, patterns, and solutions.
• Ensure that the service\'s uptime and response time SLAs/OLAs are met or surpassed.
• Build or maintain CICD building blocks and shared libraries proactively for app and development teams to enable quicker build and deployment.
• Design action plans to address CICD platform/tools/solutions\' shortcomings and difficulties.
• Actively participate in bridge calls with team members and contractors/vendors to prevent or quickly address problems.
• Troubleshoot, identify, and fix problems in the DevSecOps domain.
• Ensure incident tracking tools are updated in accordance with established norms and processes, gather all essential data and document any discoveries and concerns.
• Identify management concerns and problems, assess them, and offer prompt solutions and/or escalation.
• Align with technological Systems/Software Development Life Cycle (SDLC) processes and industry-standard service management principles (such as ITIL)
• Create and publish engineering platforms and solutions.

• Bachelor\'s degree in engineering, computer science or a related field

• Minimum of 5 years application of application development experience
• Minimum of 5+ years of experience in application Security or related information technology security role
• Demonstrated Experience in multiple security testing approaches
• One or more Security related Certifications: CISSP, CASE, CASE Java, WAHS
• Any scripting languages like Power shell scripts, Bash or Python needs to added.
• Demonstrated Technical Writing work
• Ability to work collaboratively with senior management across multiple departments
• Ability to work effectively in a fast-paced, project-oriented environment
• Ability to prioritize and execute tasks
• Ability to handle sensitive and confidential information
• Ability to handle multiple tasks simultaneously
• Strong analytical and problem-solving skills
• Comprehensive technical expertise in a variety of DevSecOps toolkits, including Ansible, Jenkins, Artifactory, Jira, Black Duck, Terraform, Git/Version Control Software, or comparable technologies
• Familiarity with information security frameworks and standards
• Knowledge of DevOps Automation (TerraFrom, GitHub, GitHub Actions)
• Knowledge of cloud, SIEM, SOC, Nesus, Crowd strike or similar services
• Familiarity with API Security, Container Security, AWS Cloud Security
• Knowledge of PCI-DSS, HIPPA, SOX, GDPR, and CCPA Standards and Policies and the associated certification and audit processes
• Familiarity with Amazon AWS policy, configuration, and security management tools
• Experience with security automation and machine learning
• Proven capacity for thinking leadership and a highly creative problem-solver
• Excellent analytical and interpersonal skills
• Ability to express technical information clearly at different organizational levels

• CISM, CISSP or other Security Certifications
• Auditing and Compliance Certifications such as CISA, PCI-ISA, and PCIP

Techwave