Job Description :

#74440# CI/CD Security Engineer - Chesterfield, MO Hello Business Partners, Please do share resumes of candidates who are comfortable with sharing their PP Number, , LinkedIN, Professional References and etc., [Any Visa is accepted ] Job Title: CI/CD Security Engineer Client Company: RGA Location: Chesterfield, MO Required Skills GitHub, Git Guardian, Hashicorp Vault, AWS Secrets Manager Job Description This person will be focused on some Git initiatives they are working on. This includes partnering with teams to remediate secrets (usernames/passwords, SSL certificates, SSH tokens, etc.) that they have in their source code by removing those secrets and putting them in approved locations. There is a chance this candidate would have his/her hands in other efforts like improving their monitoring services if time allows. There are currently around 4,000 secrets that need remediated but the expectation is to simply put a dent in them. They need to be a rockstar at source code management, experience with secret management management tools, and general software development/devops. Brandon said this person can be pretty junior with less than 5 years experience. They currently use GitGuardian for their secrets and source code. Python is their main language, but they can have experience in other languages too. For version control, they are moving from Azure Devops to GitHub.  What The Candidate Would Do Specifically, I need this 1 person to have a focus on some Git initiatives we are working on. This includes partnering with teams to remediate secrets (usernames/passwords, SSL certificates, SSH tokens, etc.) that they have in their source code by removing those secrets and putting them in approved locations. There is a chance this candidate would have his/her hands in other efforts like improving our monitoring services if time allows. Right to Hire? The candidate needs to be made aware that this opportunity will very likely be limited to 6 months. There is always a chance that we keep the candidate on for a longer term if he/she proves to be valuable and budget allows, but expectations should be that this is a 6 month role.   Skillsets •      Required:  o      Very familiar and comfortable with Git. We use GitHub and Azure DevOps here at RGA for version control. Any candidate we talk to needs to be very comfortable with version control. o      Some development experience. Python preferred, but other development experience is relevant (Go, Java, Ruby, etc.). We don’t need them to be a tenured developer, but they need to understand how software development works, how teams partner together on developing a product, etc. o      Familiarity with secrets management. The candidate needs to be aware of how teams can use secret management tooling to secure secrets and the struggles with doing so. RGA uses Hashicorp Vault and AWS Secrets Manager, but other secrets management tooling is relevant. •      Bonuses (but not required): o      Jenkins experience (or other CI tooling like GitLab, BitBucket, etc.) o      Monitoring tooling experience (we use Datadog, but other tools like New Relic, Dynatrace, etc. are relevant). o      Great OS skills (Linux/Windows)

             

Similar Jobs you may be interested in ..