Location:
Brussels, Belgium
Security Clearance:
NATO Secret
Reference No:
2024-0057 / Brussels
Introduction:
The NATO Communications and Information Agency (NCI Agency) has moved towards short‐cyclic capability development via NATO Software Factory (NSF) services. NSF is a development and testing DevSecOps Platform hosted in Microsoft Azure Cloud, designed to enable the use of standardized secure software engineering processes and common tooling shared by Alliance Federation, Industry, Academia and Nations.
NCI Agency is looking for a DevSecOps engineer with a strong background on C#/.NET development, Azure PaaS services, containerization technology (compliancy and security assessment, implementing and maintaining base layers, and assist with complex containerized
deployments and infrastructure as code (Kustomize, ARM, TerraForm) to support the NSF team.
Skills, knowledge, experience required:
- Relevant and recent experience in:
- Technical leadership;
- Building and securing containers;
- Developing infrastructure as code;
- Using development tools (e.g. NuGet, GraphQL, PowerShell) and the Scrum methodology.
- Relevant and recent experience with container orchestration platforms;
- A strong track record in DevSecOps and strong problem solving skills;
- Extensive and recent experience with and knowledge of Continuous integration and delivery, including the following tools and technologies and concepts:
- Git;
- Docker;
- Azure DevOps;
- Infrastructure as Code such as ARM;
- Designing and implementing build/deploy pipelines;
- Application security/code quality testing tools such as SonarQube, Checkmarx or OWASP Dependency Check;
- Shift left/right testing using test automation tools such Junit/NUnit, Selenium, Protractor, Cucumber.
- Extensive and recent experience with and knowledge of Continuous Operations, including the following tools and technologies and concepts:
- Kubernetes;
- Telemetry/Monitoring solutions such as Application Insights, Azure Monitor or Prometheus;
- Helm;
- Container Registry;
- Container vulnerability scanning tools such as Trivy and Anchore.
- Experience with and knowledge of developing application using C#/.NET and REACT/TypeScript;
- Strong customer relationship skills, including negotiating complex and sensitive situations under pressure;
- Ability to speak and write fluent English.
Duties/role:
- Support building the NATO Trusted Container service and Integration Testing service;
- Providing Technical Leadership for assigned activities;
- Developing and updating Azure DevOps pipelines;
- Implementing security scanning for containers;
- Developing and maintaining secure common base layers for containers, including applying required hardening settings;
- Developing and maintaining infrastructure as code for deployment and configuration of infrastructure (VMs, Disks), core services (AD, CA, Exchange etc.), and applications (NATO and Commercial Application);
- Supporting NSF users with DevSecOps expertise;
- Developing reusable deployment packages for Azure covering IaaS and PaaS services;
- Supporting the development of internal tooling.
VECTOR SYNERGY sp. z o.o., ul. Marcelińska 90, 60-324 Poznań, NIP PL7811857270, REGON 301575740, KRS: 0000369575
Rejestr Przedsiębiorców KRS prowadzony przez Sąd Rejonowy Poznań – Nowe Miasto i Wilda w Poznaniu, VIII Wydział Gospodarczy KRS,
kapitał zakładowy wynosi: 73 500,00 złotych wpłacony w całości, TEL +48 616684500, FAX +48 616684501, www.vectorsynergy.com,
[email protected] 