IT Security Analyst
For our client based in Düsseldorf we are looking for a freelance IT Security Analyst (m / f / d).
Project : Most solutions are based on the MS Azure cloud and were built with functional requirements in mind.
As our cloud utilization matures, we would like to identify strategic areas where security could be improved in our IT landscape.
This starts with using the DevSecOps tool Snyk, as well as identifying where we are not using a modern authentication scheme based on OAuth2 and not regularly rotating secrets in applications.
Tasks :
- Analyze which applications & teams are using Git repositories for storing their application code or deployment pipelines
- Analyze which applications & teams are using Subversion to store their application code
- Identify which repositories are active and which are inactive and can be archived
- Analyze what build & release pipelines are being used inside the different pipelines and whether the repositories would be compatible for onboarding to Snyk
- Document dependencies in SVN build pipelines and propose a new build toolset on GitHub, Azure DevOps
- Create a plan for the migration of Subversion repositories to GitHub, Azure DevOps
- Create a template for Sales & Trading GitHub organizations so that repositories and access to repositories are deployed via Terraform with the GitHub provider
- Identify which applications are currently using static secrets in their application code and not utilizing a modern authentication scheme via OAuth2, e.g. by using Azure Resource Graph Explorer to find these resources
- Analyze where managed identities are not being used inside the Sales & Trading IT landscape and where role assignments are not being used to make use of Azure RBAC (e.g. Azure Storage Account Contributor vs. Contributor permissions)
- Analyze where Azure DevOps pipelines are using static secrets for authentication instead of workload identities
- Create a proposal for how dynamic secrets rotation can be implemented for certain clusters
Skills :
- Multiple years of experience in IT Security roles
- Very good knowledge of Azure Cloud and Azure DevOps, especially in terms of security aspects
- Multiple years of experience in GitHub
- Experience with Azure Resource Graph queries
- Terraform IaC, Snyk and Subversion are a big plus
- Fluent in English
- Nice to have : German
Key Facts
- Start : July
- End : December
- Hours per week : 20
- Location : Düsseldorf
- Contract : Freelancing