DevSecOps Specialist

Accenture is a leading global professional services company that helps the world’s leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services. We offer solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Accenture Song.

The Cyber Security team (within the Accenture Security team) assists clients in securing hybrid environment-based systems and applications at every stage of the software development lifecycle, ensuring that the principles of 'Security by design' and 'Security by default' are followed, thereby integrating security into the DevOps and SDLC process.

THE WORK:

• Collaborate with design and development teams to implement security principles from the start of the SDLC, fostering innovation and growth.
• Support migration and transformation projects, integrating security in new technology layers and public cloud environments.
• Develop and manage the CI/CD process, automating security steps to enhance efficiency and scalability.
• Automate security tasks within DevOps processes using tools like Ansible, Azure DevOps, Jenkins, and GitLab, driving continuous improvement.
• Conduct security assessments of hybrid solutions, supporting teams with public cloud security (Azure, GCP, AWS).
• Secure public cloud environments and microservices-based environments (AKS, GKE, EKS, Red Hat Openshift).
• Analyze security of API, application, or IaC code, enhancing DevOps environments with robust security elements.
• Design, develop, and evolve CI/CD environments by integrating security tools (SonarQube, DefectDojo, Fortify, Checkmarx, Veracode, Checkov, Semgrep, Nessus, Aqua Security), ensuring continuous growth and innovation.

Flexible: The work location for this role may include a mix of working remotely, onsite at a client or in an Accenture office - depending on specific project circumstances.

With all our roles, there is some in-person time for collaboration, learning and building relationships with clients, peers, leaders, and communities. As an employer, we will be as flexible as possible to support your specific work/life needs.

WHAT’S IN IT FOR YOU?

• Work on projects for international clients, expanding your security skill set. Gain insights and feedback from a diverse team of over 120 cybersecurity experts in Poland and thousands across the world.
• Thrive in an exciting workplace that values and celebrates diverse perspectives. Contribute to a creative environment where your ideas are welcomed.
• Engage in creative projects that foster your development as cybersecurity specialist. Access continuous learning through workshops and skill-building initiatives.

• Permanent employment contract.
• Individual support of a People Lead and a specific path of professional development, as well as the possibility of a session with a Coach.
• A wide training package (soft, technical, and language training offer, access to the e-learning platforms, Gallup test, GenAI training, possibility of co-financing courses, and certification).
• Employee Assistance Program - legal, financial, and psychological consultations.
• Accenture employees eligible for the Employee share purchase plan automatically become eligible for quarterly dividends if they own company shares.
• Paid employee referral program.
• Private medical care, life insurance.
• Access to the MyBenefit platform (possibility of using a wide range of products and services, including the Multisport card).

• Knowledge of cyber security area or a desire to deepen your knowledge in this field, backed up by at least a few years' experience working in IT or in a DevOps role.
• Experience with one of the three leading clouds - Azure, GCP or AWS.
• Practical knowledge of CI/CD processes and familiarity with CI/CD tools like Azure DevOps, Jenkins, GitHub etc.
• Issues related to web application security (OWASP TOP 10 etc.) and secure coding best practices and knowledge of popular attack methods (XSS, CSRF, SQL injection, etc.) and frameworks such as MITRE.
• Practical experience of working with models: on-prem, IaaS, PaaS, SaaS.
• Experience with containerisation (Docker) and containerisation-based infrastructure platforms: Kubernetes, OpenShift, Anthos, etc.
• SAST, DAST, SCA issues and their practical implementation within CI/CD processes and issues related to authorization, authentication or session management (SAML, OAuth, SSO, etc.).
• Knowledge of the SSDLC process and its components and Rest API technology and the API Gateway concept.

BONUS POINTS IF YOU HAVE:

• Good knowledge of one of the selected programming languages: Java, .Net, C#, JavaScript, Go and scripting languages such as Python.
• Experience working with Git, Jira and Agile methodologies.
• Practical experience of working with DevSecOps tools from vendors like Veracode, Aqua Security, Checkmarx, Microfocus etc.