lock-svg project Successfully occupied
View offer information dropdown icon
Wallet icon Coin icon Rate 10 000 CZK - 12 000 CZK / man-day
Timer icon Form of cooperation Full-time / 50% Remote
Briefcase icon Sector Information Technology
Location icon Location Praha
Project duration 12 months with possibility of extension
Period of cooperation 20.05.2024 - 20.05.2025
Start date ASAP
Languages
  • Slovak or Czech flag Slovak or Czech - native

Project description

  • ensuring the security of the EUSPA DevOps environments and CI\CD pipelines
  • providing leadership in the DevSecOps areas of Container Security, Cloud security, API Security, Vulnerability Scanning, Certificate Management, Secrets Management, Data Analysis of security monitoring outputs, coordination of Remediation Patching, and other daily Security and Compliance efforts
  • cooperate on integration of software development projects into EUSPA infrastructure
  • defining compliance requirements based on Policies and Standards
  • support the Security Automation and infrastructure as code
  • develop an automated security framework for robust deployment tools and processes, leveraging various scripting languages and open and closed source solutions
  • ensuring proper documentation of the processes and systems

Project requirements

  • good knowledge of DevSecOps, ability to implement security features and GPOs
  • knowledge of security best practices/standards/principles such as Information Security frameworks/standards (ie CIS, NIST, RFC2196, etc)
  • networking experience/knowledge and broad understanding of network protocols and services (eg FTP, HTTP, SSH, SMB, LDAP)
  • experience coordinating and performing vulnerability assessments through the use of automated and manual tools (Tenable, Clair, Sonarqube, NMAP, etc)
  • ability to review and analyze vulnerability data to identify security risks to the organization's network, infrastructure, and applications and determine any reported vulnerabilities that are false positives
  • coordination and remediation of vulnerabilities within established timeframes
  • proficiency in Python, Bash and/or other programming and scripting languages
  • comprehension in the security areas of Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, Security and Monitoring tools, etc
  • knowledge of Windows and Linux patch management and related information security functions (authentication, encryption, iptables, SSL, Ciphers, etc)
  • ability to work with APIs and Plugins to integrate security tools into established CI/CD pipelines
  • DevOps Automation: GitHub/GitLab, Azure DevOps, Jenkins (any), Helm charts
  • knowledge of Kubernetes, Docker, container orchestration platforms (OpenShift, Rancher), container image registers (Dockerhub, harbor)
  • knowledge of Secret Scanning, Secure code analysis, Dynamic Application Security Testing, Static Application Security Testing tools, Container Scanning, Infrastructure as Code Scanning
Are you interested in this project?
Recommend an IT specialist Do you know anyone who could use this project? Recommend him and get a reward!
New to the world of IT freelancing ?

Freedom, flexibility, greater control over finances and career. Freelancing has evolved and offers much more today. See what's in store for you and how it will change your life.

Are you interested in this project?
Recommend an IT specialist Do you know anyone who could use this project? Recommend him and get a reward!

32 603

Titans that have
joined us

679

Clients that have
joined us

453 755

Succcessfully supplied
man-days