OverviewSecurity Assessment Automation Specialist (VP) role at SMBC Group. This position focuses on designing and implementing automated security assessment pipelines and governance to support secure software delivery across hybrid environments.What you'll doAutomated Security Pipelines - Design and implement enterprise-grade security assessment pipelines integrating SAST, DAST, IAST, and SCA tools into CI/CD workflows.Infrastructure as Code Security - Integrate security testing into IaC workflows (Terraform, CloudFormation), ensuring security by design in automated deployments.Hybrid Environment Coverage - Support cloud-native (Azure, GCP) and on-prem infrastructure with tailored assessment strategies.Ephemeral & Traditional Infrastructure - Implement pre-deployment validation for immutable resources and architect scanning solutions for long-lived assets using network and agent-based tools.Policy-as-Code Governance - Establish frameworks for automated enforcement of security baselines and compliance requirements.Shift-Left Security - Collaborate with DevOps and platform teams to embed security early in the software delivery process.Tooling & Innovation - Continuously evaluate emerging security tools and techniques, ensuring alignment with evolving threats and technologies.Security Architecture Guidance - Provide governance, secure design patterns, and best practices for security automation.What you'll bringStrong knowledge of CI/CD security integrations and DevSecOps principles.Proficiency in security assessment tools (SAST, DAST, IAST, SCA) and pipeline automation.Expertise in CI/CD security, DevSecOps, and automation of security assessments (SAST, DAST, IAST, SCA).Hands-on with Infrastructure as Code security (Terraform, CloudFormation) and Policy-as-Code (Azure Policy, OPA).Experience securing hybrid/multi-cloud (Azure, GCP) and on-prem environments.Strong knowledge of security frameworks (NIST CSF, ISO 27001/2, CIS) and secure design principles.Skilled in threat modelling, Zero Trust, Least Privilege, and Network Segmentation.Familiar with SSDLC, governance, risk, compliance, and secure coding practices.Understanding of architectural patterns (Multi-Tier, Microservices, Event-Driven) and frameworks (TOGAF, SABSA).Have the right to work in Ireland and happy to work on site in Dublin (hybrid working model).Employment detailsEmployment type: Full-timeLocation: Dublin, Ireland (hybrid on-site)Vendor noticeAll third-party applications will be managed by Robert Walters. Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates.
#J-18808-Ljbffr