The Role

The DevSecOps team is embarking on a mission of rapid maturity and require a highly motivated and talented DevSecOps specialist to help guide us on this journey. 

The DevSecOps team operates out of Stockholm and is one of the responsible teams for securing FDJ UNITED group and its assets. We are searching for that certain someone who is not satisfied in just knowing common standards and frameworks, but instead likes to understand vulnerabilities, the exploitability, how to think like the adversary, and most importantly how to defend against them. You should have a real personal passion for security (across a broad range of domains), technology and an insatiable lust to develop further as a DevSecOps expert (both technically and generally). If you are a DevOps engineer with a strong security passion or a security professional with a DevOps engineering background. This role is perfect for you. 

The DevSecOps team is part of Cyber Security that contains of 3 teams (Product Security, Offensive Security and DevSecOps). 

Responsibilities 

• Suggest and implement security controls within our infrastructure (Kubernetes, AWS)
• Suggest and implement security controls in CI/CD pipelines
• Create hardening guidelines within the DevSecOps area
• Implement, maintain, and improve our security tools within the DevSecOps area
• You will be the first line of contact for security advisory towards our DevOps teams
• Work closely with our DevOps team to make sure that security is considered during projects
• Perform Security Training within the DevSecOps areas
• Help maturing and driving our DevSecOps area forward
• Ensure that you adhere to the Governance, Risk & Compliance (GRC) obligations for your role.

• Identify and raise any non-compliance incidents promptly to your line manager.
• Challenge processes, policies and projects that will negatively impact compliance within the Group.
• Complete all mandatory compliance training assigned to you.
• Reach out to the Compliance Teams if unsure of any of your compliance obligations or the requirements are unclear. 

Requirements 

• 3+ years of experience in Security, DevSecOps, DevOps, or similar roles 
• Strong experience working with Docker, Kubernetes 
• Strong experience working with AWS 
• Experience working with CI/CD practices 
• Experience with infrastructure-as-code is a plus 
• Hands-on scripting or programming experience 
• Strong security foundation, including knowledge of common vulnerabilities, threats, and security toolings in the DevOps area 
• Strong people skills  
• Able to work independently and as part of the team 
• Worked within an Agile environment 
• Able to engage well with technical and non-technical audiences 
• Excellent communication skills and native English, both verbal and written