Container Security Implementation Contractor

Illinois  ‐ Remote
Dieses Projekt ist archiviert und leider nicht (mehr) aktiv.
Sie finden vakante Projekte hier in unserer Projektbörse.

Beschreibung

A prestigious financial firm is on the search for a Container Security Implementation Contractor. This can be a fully remote position. This contractor will focus on implementation of Sysdig Scan on Docker and they will report vulnerabilities to the developers. This role requires experience with CICD, Docker, Containers, Python, Bash JSON, and Jenkins.

Responsibilities:

  • Project Lead for Container Security Implementation: Lead/drive the imbedded company developer(s) in performing the work outlined below:
  • Release container that performs Sysdig scan on Docker and reports the vulnerabilities to the developers and stores reports in the pipeline and inside a local repository.
  • Develop Jenkins step to have code that is staged for prod open preliminary tickets in company's ticketing system.
  • Integrate CVSS Scoring
  • Create verification rule in CICD pipeline
  • Update GSD readmes/user guides
  • Create initial container - this is drafted needs to push to prod
  • Implemented container security solution and tied to the company's ticketing system.
  • Documentation for knowledge transfer, as needed
  • Enhance Application Vulnerability Reporting
  • Automate vulnerability reporting from CICD to company's ITSM tool. Current vulnerability scanning tools: Black Duck, Veracode, Sysdig
  • Collect the right metadata to send through API to connect to OCCs ITSM tool
  • Work with ServiceNow team to build release approvals step and have Jenkins re-run after the approval has changed the ticket severity, if needed.

Qualifications:

  • Ability to write Custom Docker Container
  • Experience coding in Python, Java, and Bash Scripting
  • Jenkins pipeline experience
  • Need to be able to build stages in Jenkins pipeline
  • Scanner will execute within one of the Jenkins stages
  • API integration experience for Jenkins to repos and scanner
  • Needs to be able to parse JSON reports
Start
keine Angabe
Dauer
18 months
Von
Request Technology
Eingestellt
11.08.2022
Projekt-ID:
2443130
Vertragsart
Freiberuflich
Einsatzart
100 % Remote
Um sich auf dieses Projekt zu bewerben müssen Sie sich einloggen.
Registrieren