Senior DevSecOps - Cyber Security (Consulting)

Full-Time | 60000 - 80000 £ / year (est.) | Home office (partial)
Cognizant Technology Solutions

At a Glance

  • Tasks: Lead security practices in software delivery and coach engineering teams for secure development.
  • Company: Join Cognizant, a top global tech consulting firm with a vibrant culture.
  • Benefits: Enjoy hybrid working, competitive pay, and opportunities for professional growth.
  • Other info: Dynamic role with excellent career advancement potential in a supportive environment.
  • Why this job: Make a real impact on security practices while collaborating with innovative teams.
  • Qualifications: Cyber security background with experience in DevSecOps and strong communication skills.

The predicted salary is between 60000 - 80000 £ per year.

The Company

Cognizant (NASDAQ:CTSH) is a leading provider of information technology, consulting, and business process outsourcing services, dedicated to helping the world's leading companies build stronger businesses.

About Cognizant Consulting

To be digital, companies today must have organizational velocity approaching the speed of light while providing individualized offerings that result in fanatical levels of customer satisfaction, all with laser-focused cost control. At Cognizant, our consultants orchestrate the capabilities to truly change the game across strategy, design, technology and industry/functional knowledge to deliver insight at speed and solutions at scale.

About the Role

We are seeking a Senior DevSecOps / Security Consultant to assess, embed and uplift security practices across our client's software delivery lifecycle. This is a security-first role. You come from a cyber security background, not a developer who has pivoted into security, and you will spend your time advising and coaching engineering squads to help them design, build and operate platforms securely by default. The role is not about deploying a new security toolchain from scratch. The client already has tooling in flight; your job is to make it land.

What You'll Do

  • Run the DevSecOps Maturity Assessment: Conduct a comprehensive, evidence-based audit of the client's current DevSecOps capabilities against recognised industry frameworks. Assess the adoption, configuration and effectiveness of existing controls across SAST, SCA, DAST, IaC scanning, container security and secrets management.
  • Embed Existing Security Tooling into Developer Workflows: Take the tools the client has already invested in and make them genuinely useful: properly integrated, sensibly configured, and well understood by the engineers using them.
  • Coach and Enable Engineering Teams: Embed with developer squads as their trusted security partner, attending stand-ups, sprint planning and design reviews to bring a security lens to day-to-day delivery.
  • Lead Threat Modelling and Secure Design: Facilitate threat-modelling sessions at the design phase of new services, features and platform changes.
  • Track Metrics, Governance and Progress: Define and track meaningful KPIs such as vulnerability burn-down, mean time to remediate, pipeline coverage and gate effectiveness.

What We're Looking For

  • A security professional first. Your career has been built in cyber security, application security or DevSecOps.
  • Demonstrable experience running DevSecOps or AppSec maturity assessments using OWASP SAMM and/or NIST SSDF.
  • A track record of embedding security tooling into existing developer workflows.
  • Working knowledge of CI/CD security tooling and platforms such as GitHub Actions, Azure DevOps or GitLab.
  • Strong communication skills.

Desirable: Industry certifications such as CISSP, CCSP, CSSLP, CCSK or equivalent. Exposure to policy-as-code and supply-chain tooling.

Expected Deliverables: A formal DevSecOps Maturity Assessment Report, including scorecard against OWASP SAMM and NIST SSDF. A prioritised 12-month Shift-Left Implementation Roadmap. A library of Secure CI/CD Reference Patterns built on the client's existing tooling.

Engagement Details: Hybrid working, with on-site presence at the client location as required by the engagement.

Additional Employment Information: Cognizant reserves the right to modify this information at any time, subject to applicable law. Cognizant is an equal opportunity employer.

Senior DevSecOps - Cyber Security (Consulting) employer: Cognizant Technology Solutions

Cognizant is an exceptional employer that prioritises employee growth and development within a dynamic work culture. With a strong focus on innovation and collaboration, employees are empowered to make meaningful contributions while enjoying the benefits of hybrid working arrangements. The company's commitment to fostering a supportive environment ensures that team members can thrive in their careers, particularly in the fast-evolving field of cyber security.

Cognizant Technology Solutions

Contact Details:

Cognizant Technology Solutions Recruitment Team

StudySmarter Expert Advice 🤫

We think this is how you could land Senior DevSecOps - Cyber Security (Consulting)

Tip Number 1

Network like a pro! Get out there and connect with folks in the industry. Attend meetups, webinars, or even local tech events. You never know who might have the inside scoop on job openings or can put in a good word for you.

Tip Number 2

Show off your skills! Create a portfolio or GitHub repository showcasing your projects and contributions. This is your chance to demonstrate your expertise in DevSecOps and cyber security, making you stand out from the crowd.

Tip Number 3

Prepare for interviews by practising common questions and scenarios related to DevSecOps. Think about how you would approach security challenges and be ready to discuss your past experiences. Confidence is key!

Tip Number 4

Don't forget to apply through our website! We’ve got loads of opportunities waiting for you. Plus, it’s a great way to ensure your application gets seen by the right people. So, what are you waiting for? Go for it!

We think you need these skills to ace Senior DevSecOps - Cyber Security (Consulting)

DevSecOps Maturity Assessment
OWASP SAMM
NIST SSDF
SAST
SCA
DAST
IaC Scanning

Some tips for your application 🫡

Tailor Your CV: Make sure your CV is tailored to the Senior DevSecOps role. Highlight your cyber security experience and any relevant tools you've worked with. We want to see how your background aligns with what we're looking for!

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about cyber security and how you can help us elevate our clients' security practices. Keep it engaging and personal.

Showcase Your Skills: In your application, don't just list your skills—show us how you've applied them in real-world scenarios. Whether it's running assessments or embedding security tooling, we want to see your impact!

Apply Through Our Website: We encourage you to apply through our website for a smoother process. It helps us keep track of your application and ensures you don’t miss out on any important updates from us!

How to prepare for a job interview at Cognizant Technology Solutions

Know Your Stuff

Make sure you’re well-versed in the key frameworks like OWASP SAMM and NIST SSDF. Brush up on your knowledge of security tooling and CI/CD platforms, as you'll need to discuss how to embed these into developer workflows effectively.

Showcase Your Experience

Prepare to share specific examples from your past roles where you've successfully run DevSecOps assessments or embedded security practices. Highlight how you’ve improved developer experiences and driven adoption of security tools.

Engage with Stakeholders

Demonstrate your ability to communicate with various stakeholders, from developers to C-level executives. Practice explaining complex security concepts in simple terms, as this will be crucial in your role as a bridge between InfoSec and Engineering.

Be Ready to Coach

Expect to discuss how you would coach engineering teams on secure coding practices. Think about how you can foster a culture of security as an enabler, not a blocker, and prepare to share ideas for training materials or workshops you could lead.