# 1. Expert in DevSecOps

*Nature of the tasks*

* Plan, implement, upgrade DevSecOps pipelines
* Facilitate the continuous delivery of IT applications by using Application Lifecycle Management and automation tools.
* Promote the usage of DevSecOps methodologies for IT projects.
* Architect and design API Security, Container Security, Cloud Security.

*Education* : EQF 7

*Specific expertise and technologies*

* Experience with large, enterprise-level multi-user Information Systems
* Good knowledge in establishing and managing deployment pipeline and release management
* Good knowledge with DevOps container or serverless /orchestration tools (ie: Docker, Ansible, Terrafom, buildpacks, Kubernetes, etc.)
* Good knowledge in at least a programming language (JAVA, Python, Bash, Perl, etc.)
* Good knowledge in conducting DevSecOps in an agile work environment
* Good knowledge in cloud security architecture and security requirements
* Good knowledge in black box and white box testing (OWASP, HP Fortify, etc.)
* Good knowledge of continuous delivery and Application Lifecycle Management tools (JIRA, Git, Bamboo, Nexus, etc.)
* Good knowledge with secret management tools (CyberArk, Hashicorp etc.)
* Good knowledge with Monitoring tools (Dynatrace, Prometheus etc.)
* Good knowledge in the Cloud (Aws, Azure, Google, OVH etc.)

*Certification and/or Standards*

**Mandatory certifications (one of):**

* Certified DevSecOps Professional (CDP) certification,
* AWS Certified DevOps Engineer – Professional,
* Microsoft DevOps Engineer Expert,
* Google Professional Cloud DevOps Engineer,
* or equivalent to be approved by the Commission

*Skills*

* Rapid self-starting capability and experience in team working.
* Excellent interpersonal and communication skills
* Ability to participate in multi-lingual meetings, ease of communication
* Security and cloud Skills
* Automation skills to optimize and understand the DEVSECOPS pipelines

*On-call services foreseen for this profile :* No