استخدام مجموعه بیت پین

مجموعه بیت پین در تهران جهت تکمیل کادر خود به افراد واجد شرایط ذیل نیازمند است

DevSecOps Engineer
Security Automation & CI/CD Integration: Design and implement security gates within GitLab CI/CD pipelines (SAST, SCA, container scanning, credential scanning). Automate security testing and vulnerability scanning for containerized applications. Integrate security tools (e.g., Trivy, Snyk, Clair, etc) into the deployment workflow. Enforce policy-as-code using tools like OPA (Open Policy Agent) or Kyverno for Kubernetes. Kubernetes Security: Implement and maintain security controls for Kubernetes clusters (RBAC, Pod Security Standards, Network Policies). Deploy and manage admission controllers for runtime security enforcement. Configure secrets management solutions (e.g., HashiCorp Vault, Sealed Secrets, GitLab CI/CD secrets). Monitor container runtime security using tools like Falco or Sysdig. On-Premise Infrastructure Security: Design and implement secure on-premise infrastructure following industry best practices (CIS benchmarks, hardening guidelines). Secure bare-metal and virtualized infrastructure hosting Kubernetes clusters. Implement network segmentation, firewall rules, and DMZ architectures for self-hosted environments. Configure and maintain infrastructure monitoring and security controls. Collaboration & Training: Work closely with development, DevOps, and security stakeholders to foster a security-first culture. Provide security guidance and training to engineering teams. Champion DevSecOps best practices across the organization. Participate in security design reviews and threat modeling sessions.	Key Responsibilities:
Technical Expertise: Strong experience with Kubernetes security architecture and hardening in on-premise environments. Proficiency in GitLab CI/CD pipeline development and security integration. Hands-on experience with on-premise infrastructure (bare-metal, virtualization platforms like VMware/Proxmox). Knowledge of container security tools (Trivy, Anchore, Aqua, Twistlock). DevSecOps Tooling: Experience with security scanning tools. Proficiency in Infrastructure as Code (Terraform, Ansible, Helm). Familiarity with secrets management solutions (Vault, GitLab secrets management). Experience with security monitoring and SIEM integration. Security Knowledge: Strong understanding of OWASP Top 10, CWE/SANS Top 25, and common attack vectors. Knowledge of network security, TLS/SSL, certificate management, and PKI infrastructure. Understanding of zero-trust architecture and micro-segmentation principles. Familiarity with compliance frameworks and security standards. Infrastructure & Networking: Deep understanding of on-premise networking (VLANs, routing, firewalls, load balancers). Experience with self-hosted service deployments and high-availability architectures. Knowledge of storage security and data protection mechanisms. Understanding of physical and logical security controls for data centers. Programming & Scripting: Proficiency in scripting languages (Python, Bash, Go) for automation. Ability to review code for security vulnerabilities. Experience with GitOps workflows and version control best practices. Problem-Solving & Communication: Strong analytical skills to identify and remediate security risks. Ability to translate security requirements into technical implementations. Excellent documentation and communication skills. Experience working in agile/DevOps environments.	Key Skills and Qualifications:
Experience with service mesh security (Istio, Linkerd). Knowledge of regulatory compliance requirements for fintech/financial services. Contributions to open-source security projects. Experience with hardware security modules (HSM) and cryptographic solutions.	Nice to Have: