Devsecops Engineer

About Us: LTIMindtree is a global technology consulting and digital solutions company that enables enterprises across industries to reimagine business models, accelerate innovation, and maximize growth by harnessing digital technologies. As a digital transformation partner to more than 700 clients, LTIMindtree brings extensive domain and technology expertise to help drive superior competitive differentiation, customer experiences, and business outcomes in a converging world. Powered by nearly 90,000 talented and entrepreneurial professionals across more than 30 countries, LTIMindtree — a Larsen & Toubro Group company — combines the industry-acclaimed strengths of erstwhile Larsen and Toubro Infotech and Mindtree in solving the most complex business challenges and delivering transformation at scale. For more information, please visit www.ltimindtree.com . Job Title: Devsecops Engineer Job Location : Mississauga, Ontario, Canada Job Description: Manage and execute security assessments for multiple agile projects simultaneously and ensure project timelines are met Perform application security testing on various types of applications such as web APIs RESTSOAPMicro services thick clients mobile etc inclusive of the supporting infrastructure components Utilize Static Application Security Testing SAST Interactive Application Security Testing IAST and Component Vulnerability Management CVM tools such as Checkmarx Contrast and Black Duck to uncover additional vulnerabilities during Dynamic Application Security Testing DAST Analyze SAST IAST CVM and DAST scan results to eliminate false positives Identify True Issue Leverage application artifacts such as business requirements user stories design documents architecture documents and others to understand the scope of the agile review Create targeted security user stories and misuse cases to execute during the agile review by performing threat modeling Collaborate with application Dev Engg teams to ensure that any identified security vulnerabilities are remediated in a timely manner Have the ability to read and understand application source code in order to provide specific recommendations for the identified vulnerabilities to application teams Have strong technical writing and presentation skills to report and articulate security vulnerabilities to technical and nontechnical audiences Passionate towards learning of Security Coding Best practices Able to lead drive the Shift Left on Security in SDLC Hands on experience of enterprise application development using programming languages such as Java Microservices Spring Boot framework Working experience in agile environments as part of the DevOps team with a very good understanding of the CICD pipeline Good understanding of the following BitBucketGit JIRA TeamCity Jenkins SonarQube Artifactory Checkmarx BlackDuck Contrast Twistlock AWS GCP Azure Docker Kubernetes OpenShift PCF Benefits/perks listed below may vary depending on the nature of your employment with LTIMindtree Canada (“LTIMC”): Benefits and Perks: Comprehensive Medical Plan Covering Medical, Dental, Vision Health Care Spending Account Short Term and Long-Term Disability Coverage Life Insurance Annual vacation and other Paid Leaves Maternity Leave Top Up Pay The range displayed on each job posting reflects the minimum and maximum salary target for the position across all Canada locations. Within the range, individual pay is determined by work location and job level and additional factors including job-related skills, experience, and relevant education or training. Depending on the position offered, other forms of compensation may be provided as part of overall compensation like an annual performance-based bonus, sales incentive pay and other forms of bonus or variable compensation. Disclaimer: The compensation and benefits information provided herein is accurate as of the date of this posting. LTIMindtree is an equal opportunity employer that is committed to diversity in the workplace. Our employment decisions are made without regard to race, color, creed, religion, sex (including pregnancy, childbirth or related medical conditions), gender identity or expression, national origin, ancestry, age, family-care status, veteran status, marital status, civil union status, domestic partnership status, military service, handicap or disability or history of handicap or disability, genetic information, atypical hereditary cellular or blood trait, union affiliation, affectional or sexual orientation or preference, or any other characteristic protected by applicable federal, state, or local law, except where such considerations are bona fide occupational qualifications permitted by law. Safe return to office : In order to comply with LTIMindtree’ s company COVID-19 vaccine mandate, candidates must be able to provide proof of full vaccination against COVID-19 before or by the date of hire. Alternatively, one may submit a request for reasonable accommodation from LTIMindtree’s COVID-19 vaccination mandate for approval, in accordance with applicable state and federal law, by the date of hire. Any request is subject to review through LTIMindtree’s applicable processes.