Senior DevSecOps Team Lead

Posted 15 May 2024
Salary Up to £0.00 per annum
Job type Freelance
Discipline Tech
Contact NameRicky Kelsey

Job description

You will lead the DEVSECOPS team.

This team focusses on the automation of the software delivery chain with security embedded. Typical activities:
* Prepare the procedures and automation for deployment of software (own development, operating systems, utility
software etc.) including the necessary tools to monitor the install base.
* Prepare the procedures and automation for deployment of hardware (servers, workstation, network devices)
including the necessary tools to monitor the install base.
* Execute the first installation / update in collaboration with the SYS ADMIN team. Afterwards the SYS ADMIN team
is responsible for the roll-out towards the other signaling-boxes. DEVSECOPS is responsible to support the SYS
ADMIN during the rollout in case of issues and to collect the return of experience during the roll out so that we can
constantly improve the automation and the procedures.
* Testing, documenting and implementation of new technologies and concepts: improving DEVSECOPS chain
* Second level support for the EBP software and IT equipment in the signal zones
The team supports on cybersecurity amongst others with executing following tasks:
* Determine threats and risks in software and infrastructure architectures.

* Analyze and make proposals to improve the security exposure of new infrastructure but also for the existing
* Execute security code review
* Evaluate vulnerability reports - propose mitigations and follow them up to have them implemented after approval
* Assist / execute penetration testing
* Patch management
The team also manages the test and development environments of the EBP developers. Typical activities:
* Deployment and maintenance of development machines
* Deployment and maintenance of whole EBP test environments
* Troubleshooting of development and test environments

3. Important elements for executing the requested service contract:
The service provider shall make sure that the person at the clients' disposal:
* Can facilitate and steer a team, making it an efficient and positive environment to work in.
* Is a good communicator.
* Is able to work under stress.
* Can work in a structured way.
* Keeps deadlines and budgets in mind
* Understand when assistance of a colleague is needed and when not.
* Understand that keeping documentation up to date is a no brainer.
* Is customer oriented, acts discretely and loyally, since there is direct contact with the end customer
* Willing to work in IT operations and to support the different teams during go-live and hyper care periods (typically
on site of the customer and outside the normal business hours (weekends - night)
* Is flexible on working hours and mobility in Belgium

4. Doelstelling(en) van de Dienst/Opdracht
Team Lead / Development - Security and Operations engineer

5. Vereiste competenties voor de uitvoering van de Dienst/Opdracht - Type Dienst/Opdracht volgens de
'Definition of Services'
Must have knowledge:
* Master's degree in engineering or informatics
* Managing a team of 6 to 10 technical people (mixture of junior, medior and senior engineers)
* Cross team collaboration
* Agile working
* Very good knowledge of Linux operating systems (Redhat) including scripting (bash, python)
* Must speak / understand Dutch, French and English
* Can prove cyber security experience for OT infrastructure.
* Solid cyber security knowledge
* Experience with working in a production environment
* Basic knowledge of Javascript and good knowledge of Java
* Basic knowledge of network administration: router - switch - VPN - firewall
Knowledge of the following domains is an asset:
* Certifications as CISSP and/or CISM, ISO 27001
* Puppet (open source version), Ansible
* Zabbix / Nagios
* Elastic Stack (amongst others Kibana)
* Database technology: mysql / postgress
* Atlassian suite (Jira / Confluence / Git)
* VMWare (VCenter)
* CMDBs (e.g. GLPI)