Senior DevSecOps Compliance Engineer

Designs, architects, implements and supports technologies underpinning the IQVIA Clinical eSource (formerly known as ClinSpark) platform with a particular focus on security requirements. Creates and manages standardised software development environments.Designs and implements action plans to address security shortcomings and difficulties.Develops automated systems for deployment, monitoring and fault tolerance for customer specific instances of the platform.Engaged in consulting with customers on technical implementation troubleshooting customer issues.Essential Functions

• Designs, architects and implements new technologies and software to bolster IQVIA's on premise and cloud-based infrastructure, with a particular focus on security requirements.
• Creates and manages standardised software development environments.
• Designs and implements action plans to address security shortcomings and difficulties
• Develops automated systems for deployment, monitoring and fault tolerance for customer specific instances of the platform.
• Improves software deployment, monitoring and development processes considering systems requirements.
• Performs maintenance, upgrades, and migrations.
• Provides tools and best practices to support the entire software development lifecycle.
• Consults with customers on complex technical implementation discussions.
• Troubleshoots problems reported by customers requiring deep investigation into production environments
• Collaborates with others across the organisation to solve problems and build better processes, systems, and software.

Qualifications

• Bachelor's Degree Computer Science, a related field, or equivalent experience

Experience

• Familiarity with Cloud platforms (preferably Amazon Web Services), Monitoring platforms (Datadog), Infrastructure as Code (Terraform, Terragrunt, Fluxcd, Helm etc.), CI/CD (BitBucket, Gitlab, Github)
• Familiarity with Datadog Security tooling (Application security, Cloud Security Management, Cloud SIEM etc.)
• Experience implementing Static and Dynamic Security Testing, Software Composition Analysis,  Secret Scanning, Container Vulnerability Scans, Open Source License checks, Trusted Dependency Stores.
• Experience with eSource or similar platforms preferred