For one of our clients in the utilities industry we’re looking for a freelance DevSecOps Consultant: Project name: DevSecOps
Project description: The Hosting and Cloud Technologies (HaCT) development support team manages a Secure Development Platform. It enables application development teams to manage their development lifecycle in the client’s Cloud Development Platform based on Azure DevOps, GitHub, SonarCloud and Veracode. Future enhancements of the Client Cloud Development platform are planned, implemented, and tested.
Background to the assignment: As part of the DevSecOps project the client will introduce new security processes for application development teams. The processes include activities like threat modeling and security CI/CD pipeline configuration. As the client lacks profound expertise for these activities, the client is looking for an experienced external consultant that is an expert in application development security. Therefore, the external consultant has a unique position compared to the client's internal project staff and provides significantly different services than the internal staff.
Professionally consult the application teams regarding the ramp-up to perform threat modeling as part of their security backlog definition based on own knowledge and experience.
Establish a new service ‘secure development advisory services’ to application teams that is aligned with the client’s “Secure Development” directive and ensures compliance with the client’s standards.
Define templates for threat modeling that can be used by application development teams across the client and present the templates to the client for a sign off.
Create Sharepoint articles for end users on how to perform a secure development lifecycle for the client’s development projects and present the Sharepoint articles to the client for a sign off.
Independently provide professional consultation services via online calls and email to the application development teams regarding pipeline setup, team setup, permission setup and source code setup in Azure DevOps. Application development teams are the consumers of Hosting and Cloud Technologies (HaCT) development support team services.
Project start: End of October/November 2023 Project location: Remote Project duration: 2+ months (project planned until September 2024) Project capacity: Full time