Role: Senior DevSecOps Engineer
Location: Utrecht
Start: asap!
Period: 12 months
Extension: possible [ 12 months! ]
Salary: competitive
Closing date to apply: open submission
The recruiting process for this vacancy is a ongoing process!
Note:
The client prefers candidates, who are already living in the EU!
Profile client:
Rabobank is a cooperative bank with over 8 million customers. Through large and small initiatives, the bank aims to make the world a little bit better. They support local enterprises and larger non-profit organizations and thus contribute to the welfare and prosperity of the community.
Job description:
Senior DevSecOps engineer:
You help protect our systems against cyber threats, by supporting DevOps teams with training, tooling and with security expertise.
You and your job:
RNT DP (Digital Platform) is a domain inside Rabobank's Retail NL Tech branch that delivers a large number of Rabobank's online presence. Rabobank Online, Rabobank Business Banking, the Rabobank mobile app all were made by our DevOps squads.
Inside RNT DP, team Strongbow is a technical support squad. We do not have any deliverables for Rabobank customers, Rabobank's DevOps engineers are our customers! Our team supports many tribes and domains, by offering in-house DevSecOps consulting.
Our services include:
You and your talent:
As a senior member of the team, we would like you to provide guidance and stability to both our customers and our own team.
Our team will soon grow with a few juniors and mediors, who will need instruction and who may need mentoring in their personal development.
Requirements:
If you want to apply for this role, we will need the following information from you:
Location: Utrecht
Start: asap!
Period: 12 months
Extension: possible [ 12 months! ]
Salary: competitive
Closing date to apply: open submission
The recruiting process for this vacancy is a ongoing process!
Note:
The client prefers candidates, who are already living in the EU!
Rabobank is a cooperative bank with over 8 million customers. Through large and small initiatives, the bank aims to make the world a little bit better. They support local enterprises and larger non-profit organizations and thus contribute to the welfare and prosperity of the community.
Job description:
Senior DevSecOps engineer:
You help protect our systems against cyber threats, by supporting DevOps teams with training, tooling and with security expertise.
You and your job:
RNT DP (Digital Platform) is a domain inside Rabobank's Retail NL Tech branch that delivers a large number of Rabobank's online presence. Rabobank Online, Rabobank Business Banking, the Rabobank mobile app all were made by our DevOps squads.
Inside RNT DP, team Strongbow is a technical support squad. We do not have any deliverables for Rabobank customers, Rabobank's DevOps engineers are our customers! Our team supports many tribes and domains, by offering in-house DevSecOps consulting.
Our services include:
- Internal security tests of web applications and APIs.
- Testing, deploying and improving DevSecOps tooling (SAST, DAST, SCA, secrets detection and more).
- Creating and maintaining automation templates for Azure DevOps CI/CD pipelines.
- Creating and maintaining testing rules for DevSecOps tooling.
- Develop and teach in-house trainings, about pen-testing, defensive coding, PKI/certificates, threat modeling and more.
- Coaching and consulting, when teams need clarifications on security standards.
- Security maturity assessments, helping DevOps squads improve their way of working.
- Threat modelling sessions, helping DevOps squads improve the designs and resilience of their software.
- Researching improvements for DevSecOps tooling.
- Maintenance of scripting and rulesets for DevSecOps security scanning software.
- Teaching classes to groups of 5-10 engineers at a time.
- Be a sparring partner with our standards board, to create and improve security standards and architecture.
- Work with Tooling and Automation Support (TAS) to shape the future of DevSecOps tooling for the whole of Rabobank.
- Be our team's spokesperson towards our Security Champions, to our DevOps engineers and to our Management Team.
- Handling major security incidents and vulnerabilities, in cooperation with Rabobank's Cyber Defence Center.
- 32-40 hours per week.
- Work-from-home, with one optional day per week in the office.
- 5 direct colleagues.
- 1000+ DevOps engineers as your customers.
- Collaborate on the definition of new security standards and architecture.
- Teach in-house classes, multiple times a month, on technical aspects of information security.
- Provide guidance on handling (major) security vulnerabilities in software and infrastructure
Together we achieve more than alone
You and your talent:
As a senior member of the team, we would like you to provide guidance and stability to both our customers and our own team.
Our team will soon grow with a few juniors and mediors, who will need instruction and who may need mentoring in their personal development.
Requirements:
- Master/Bachelor degree in Computer Science/ Information Security
- you can also substitute with established professional certifications like CISSP, OSCP, CySA+ or CASP+.
- At least one scripting language, like Powershell or Linux shell scripting.
- Modern hybrid cloud infrastructures, as well as virtualization platforms.
- DevOps and CI/CD concepts and technology (pref. Azure DevOps).
- The English language. Dutch is not a requirement, but it'd be great if you speak it too.
- Pen-testing of web applications and APIs.
- Threat modelling and secure design.
- DevSecOps tooling (SAST, DAST, SCA, etc).
- PKI, certificates, cryptography and TLS troubleshooting.
- DevOps, CI/CD pipelines and automation (Ansible etc)
- One higher programming language, like Python, Java, Kotlin or .Net.
- Kubernetes, Cloud Foundry, Azure Cloud
If you want to apply for this role, we will need the following information from you:
- Most recent CV, in Word format, max 5 x A4, in the English language
- Good/Solid motivation, focused on the application!
- Explanation of the requirements and competences set [red highlighted]!
- At least 1 recent reference, which can be verified!
- Availability