Lead Specialist in DevSecOps

"PAŞA Insurance" OJSC invites candidates to apply for the position of Lead Specialist in DevSecOps to become a member of a professional team. Job responsibilities include the design and assessment of software, DevOps, and Cloud architectures from a security perspective; formulation and implementation of the company's DevSecOps strategy; design, automation, and optimization of security controls (security gates) in CI/CD pipelines; integration of security requirements at an early stage (shift-left security) within the SSDLC framework; selection, configuration, and risk-based analysis of results from SAST, DAST, SCA, IaC, and Container Security tools; establishment and oversight of security architecture in Kubernetes, Docker, and Cloud environments (AWS, Azure, GCP); drafting security policies, standards, and procedures for DevOps infrastructure; leading the identification and mitigation of critical information security risks related to software and infrastructure; ensuring and monitoring compliance with NIST, CIS Benchmarks, OWASP, and internal company requirements; providing technical leadership and mentoring to DevSecOps, DevOps, and development teams; establishing mechanisms for detecting and preventing security incidents in CI/CD and runtime stages; organizing internal training and best practice sessions on security.