DevSecOps Manager

About Worley:Worley has made a firm commitment to support the energy transition, and central to this is ensuring Project Delivery adheres to cost, schedule and quality and meets appropriate legislation and standards.We are rapidly expanding our capabilities within the low carbon and Energy Transition sectors and our Project Delivery team will bring experience and track record from a range of industry sectors to ensure similar standards are maintained as we assist our clients, partners, and projects in transitioning to a more sustainable world.Our commitment to People, Planet and Sustainability is demonstrated in Worley’s broader ambitions in the energy transition space extend from early-stage concept and feasibility through to delivering full EPC and EPCM packages. "Summary:Worley is looking for a passionate DevSecOps Manager to join our Applications Development, integrations and support group. The mission of the DevSecOps manager is to increase organizational efficiency through technology integrations, and workflow automations, allowing teams to focus on technological innovation, faster time to market, improved software quality, increased collaboration, and reduced operational costs. Worley is looking for a passionate DevSecOps Manager to join our Applications Development, integrations and support group. The mission of the DevSecOps manager is to increase organizational efficiency through technology integrations, and workflow automations, allowing teams to focus on technological innovation, faster time to market, improved software quality, increased collaboration, and reduced operational costs. Duties/Responsibilities: DevSecOps Manager will define and govern Worley’s DevSecOps standards, processes and strategy that will be used across the many development teams throughout the global organization.The DevSecOps Manager will mentor, guide and upskill our developers and partners; and define the strategy for supporting the transformation of the whole group towards a DevSecOps model. Furthermore, the DevSecOps team will partner with Information Security and Application Architecture in defining best practices and policies around securing CI/CD pipelines.This role reports into the Application Development and Integration Manager and maintains strong relationships with all line-of-business technology groups. You will work closely with several key individuals and teams and will be part of a talented team of developers, business analysts and application architects who demonstrate superb technical competency, delivering mission critical solutions and ensuring the highest levels of availability, performance and security across our enterprise. Qualified candidates will have a background in Agile delivery of DevSecOps.Priorities can often change in a fast-paced environment like ours, so this role includes, but is not limited to, the following responsibilities:Providing guidance and oversight of all aspects of DevSecOps across I&DD programs and solutionsIdentify gaps in our current processes, workflows and design solutions; and recommend changes or enhancements as needed to improve efficiency through automation and scalabilityWork with other teams to drive new projects, product implementations configuration reviews, ensuring that best practice standards are maintainedPartner with other security teams to guide them through Cloud Operations and DevOps best practices.Review technology procurement choices for automation systems and system controls in partnership with security architectureDefine the applications delivery framework and guide developers, infosec and management and govern the technical teams to enforce this frameworkAct as a Technical Leader in DevSecOps for the ADI Delivery team, influencing team’s technical decisions and goalsEnsure that the project and any changes to the project comply with: Worley’s IT standardsapplicable statutory and regulatory requirements; andthe project scope of work and quality & testing requirements Ensure that the technical teams complies with the corporate change management processSupport the associated procurement, contracting and construction strategies and processes to ensure that project deliverables meet project requirements on time and within budget.Where required, prepare or assist in the preparation of project documentation such as budgets, estimates, progress and forecasts, schedules, and reports.Establish and maintain relationships with key stakeholders (e.g. Functional Owners, Business and Regional Representatives, Design Authority) as required by the project. Solution / Functional Management: Analyzes functional and system requirements, mapping DevSecOps Opportunities and Cloud Enablement between functional elements and identify critical path betweenDevelop the project turnover specifications to successfully move the developed solution to the production cloud environment.Proactively seeks business process improvement through use of new technologies Safety: Responsible for personal safety and safe working practices within IT Projects. Understand and follow Worley procedures. Job Specific Knowledge / Experience: Proven work experience as a system engineer or information security engineerDisplay technical excellence in Cloud Native technologies as well as multidisciplinary capabilities in coding, networking, governance, project management, etc.Excellent knowledge of Cloud Platforms like OCI, AWS, Azure etc.Thorough understanding of the latest security principles, techniques, and protocolsAbility to problem solve independently and collaborate as a team to solve complex problems in support of the team’s missionKnowledge of industry best practices for foundational security elements including network devices and system-level hardeningHands-on experience in DevOps frameworks using tools like GitHub, Azure Devops etc. and infrastructure as code such us TerraformKnowledge of containerization software: Docker, Kubernetes Additional Experience: Excellent knowledge of cloud security best practices and solutions in cloud security posture management and cloud security workload management.Knowledge of Identity and Access Management frameworks in cloud environmentsHands-on experience with serverless functionsHands-on experience with log collection, normalizing, and management; security infrastructure and policies; and risk mitigationKnowledge about the current security threat landscape and common tactics, techniques and procedures used in offensive securityKnowledge of Security Orchestration Automation and Response (SOAR) products.Knowledge of operating systems and database security Industry Specific Experience : Previous working experience in a large complex corporate preferably a multinationalSound knowledge of Information Technology and Business Analysis industry standards and methodologies Education – Qualifications, Accreditation, Training: Degree in Computer Science, Business Management and/or equivalent education and experience.At least 5 years of experience in technical management of technology projects with increasing complexity. IT Skills: User experience with MS environment communication packages (Office, Visio, Lync, SharePoint, & Outlook)Microsoft DevOps for agile project execution and reportingGlobal IT Networks: Understanding of working within a global footprint with remote service provisionDevelopment / Coding: knowledge of working within a coding standard within the organisationRelease and Environment Management ExperienceServers & Infrastructure: working knowledge of Servers and associated infrastructureCloud based technology: Working knowledge of IAAS, PAAS and SAAS technology solutions What we offer you Providing an agile culture and challenging work opportunities results in a positive work environment. Our people enjoy competitive compensation packages and a fun, personal, collaborative and safe working environment. We value equal employment opportunity and are committed to promoting fairness, equality and diversity.Our policy is to conduct background checks for all candidates who accept an offer of employment with us.If you have the passion and talent to keep up, it's time to test the limits of what you can become. Find your future with Worley.