DevSecOps Engineer

Joining Capco means joining an organisation that is committed to an inclusive working environment where you’re encouraged to #BeYourselfAtWork. We celebrate individuality and recognize that diversity and inclusion, in all forms, is critical to success. It’s important to us that we recruit and develop as diverse a range of talent as we can and we believe that everyone brings something different to the table – so we’d love to know what makes you different. Such differences may mean we need to make changes to our process to allow you the best possible platform to succeed, and we are happy to cater to any reasonable adjustments you may require.

You will find the section to let us know of these at the bottom of your application form or you can mention it directly to your recruiter at any stage and they will be happy to help.

Capco is a global technology and business consultancy, focused on the financial services sector. We are passionate about helping our clients succeed in an ever-changing industry.

We are/have:

• Experts in banking and payments, capital markets and wealth and asset management
• Deep knowledge in financial services offering, including e.g. Finance, Risk and Compliance, Financial Crime, Core Banking etc.
• Committed to growing our business and hiring the best talent to help us get there
• Focused on maintaining our nimble, agile and entrepreneurial culture

As a Capco Security Engineer you will:

•  Coordinate security in order to assist IT teams in delivering secure infrastructure solutions with his/her security recommendations and requirements.
• Participate in implementation or deployment of new tools, processes and best-practices in order to improve knowledge sharing and to raise security level while promoting security awareness 
• Communicate with efficiency while delivering security needs and validating that appropriate security measures are in place.

Skills & Expertise

• Experience working with Developers, DevOps, and Engineering teams in a dynamic environment to promote/implement security programmes throughout the organisation.
• Experience coordinating and performing vulnerability assessments through the use of automated and manual tools.
• Ability to review and analyse vulnerability data to identify security risks to the organisation’s network, infrastructure, and application's and determine any reported vulnerabilities that are false positives.
• Capability to prepare security vulnerability and risk management reports for management.
• ·Leadership and Teaming skills to coordinate remediation of vulnerabilities within established timeframes.
• Proficiency in Python or other scripting languages.
• Familiarity with Information Security frameworks and standards.
• Comprehension in the security areas of Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, Security and Monitoring tools.
• Experience implementing solutions with Oauth, OpenID and SAML
• Experience configuring, implementing and leveraging computer security and networking diagnostic/monitoring tools.
• Ability to work with APIs and plugins to integrate security tools into established CI/CD pipelines.
• Experience with Hashicorp Terraform and Vault.
• Experience with GCP, AWS, Azure, etc.

    Nice to have skills

• Experience in Zero Trust Security.
• Experience with Hashicorp Sentinel and/or OPA.
• Experience in financial services and openbanking.
• Experience migrating on-premises solutions to a cloud ecosystem