DevSecOps Security Specialist

Location プタリン・ジャヤ, セランゴール州 掲載日 March 24, 2025 求人ID 18882

Our Opening and Your Responsibilities

We seek a hands-on DevSecOps Security Specialist to integrate and maintain our application security tools across multiple product teams. You will work closely with our DevSecOps Security Architect in Cybersecurity, supporting CI/CD pipeline integrations, security scanning operations, vulnerability triage, and secure coding initiatives. The ideal candidate brings security expertise, DevSecOps know-how, and strong collaboration skills.

Responsibilities:

DevSecOps Integration: Collaborate with software development and product teams to embed security within our DevOps processes, ensuring the secure deployment of applications and infrastructure.
Secure Solutions Design: Architect scalable security solutions that align with DevSecOps principles and industry standards/regulations.
Policy & Compliance: Develop and maintain security policies, standards, and procedures; ensure compliance with relevant regulatory requirements (e.g., OWASP Top 10, CWE Top 25, SANS 25).
Maturity Assessment: Conduct DevOps/DevSecOps maturity assessments to gauge and improve processes within development teams.
Security Testing & Tooling: Implement and manage security testing tools (e.g., SAST, SCA, DAST, & IAST platforms), including vulnerability scanning, code analysis, and penetration testing.
Collaboration: Work cross-functionally to integrate security measures throughout the software development lifecycle.
Risk Awareness: Stay current on emerging threats, trends, and security technologies; communicate risks and issues to senior management.
Thought Leadership: Serve as a subject matter expert and advocate for secure coding and application security best practices.
Technical Support: Automate security checks in Azure DevOps/Jenkins/GitHub Actions; help developer teams understand and fix vulnerabilities.

What You Need to Succeed

Education: Bachelor’s degree in Computer Science, Information Systems, or a related field.
Experience: 5+ years in software development and application security architecture/development.

Technical Expertise:

Strong understanding of DevOps tools and processes, network security, cryptography, application security, and cloud security.
Solid background in web application architecture, design, and development (including embedded systems is a plus).
Familiarity with industry compliance frameworks (e.g., GDPR, OWASP Top 10, CWE Top 25, SANS 25, ISO27001, IEC62443).
Practical experience with Git, Azure DevOps, Visual Studio/VS Code, Eclipse, or similar.
Experience with Coverity(SAST), BlackDuck SCA, BlackDuck Binary Analysis (BDBA), and CodeDX (SRM) is a plus.

Skills:

Excellent analytical and problem-solving abilities.
Strong communication and interpersonal skills for effective collaboration with internal stakeholders and external vendors.
Industry certifications (e.g., CISSP, CISM, CSSLP, CEH) are a plus.

Our Offer to You

Competitive salary and comprehensive benefits package.
Opportunities for professional growth and development in a global enterprise environment.

About Mettler Toledo

METTLER TOLEDO is a global leader in precision instruments and services. We are renowned for innovation and quality across laboratory, process analytics, industrial, product inspection, and retailing applications. Our sales and service network is one of the most extensive in the industry. Our products are sold in more than 140 countries, and we have a direct presence in approximately 40 countries. For more information, please visit www.mt.com.

Equal Opportunity Employment

We promote equal opportunity worldwide and value diversity in our teams in terms of business background, area of expertise, gender and ethnicity. For more information on our commitment to Sustainability, Diversity and Equal Opportunity please visit us here.

応募する Save Job