The DevSecOps Analyst plays a crucial role within the Web Development team, overseeing the maintenance of both internal and external websites for the credit union. The DevSecOps Analyst will seamlessly incorporate security measures throughout the software development and deployment processes, effectively connecting development, operations, and security teams.

• Collaborate with Web Development and IT Security to implement effective solutions for identified vulnerabilities, applying industry standard security measures and coding techniques to remediate issues promptly and efficiently.
• Create and maintain comprehensive documentation detailing application architecture, dependencies, data flows, security protocols, and best practices.
• Serves as the representative for the Web Development department during all audit procedures.
• Responsible for defining and implementing the build, deployment, and monitoring standards for the web development applications throughout the credit union.
• Be an active participant of the development team to deliver end-to-end automation of deployment, monitoring, and infrastructure management.
• Build and configure delivery environments supporting CI/CD tools using an Agile delivery methodology.
• Work closely with the development team to create an automated continuous integration (CI) and continuous delivery (CD) system.
• Develop, document, and implement CI/CD strategy.
• Monitor and support all installed systems and infrastructure from a web development perspective.
• Work together with vendors and other IT personnel for problem resolution.
• Evaluate application performance, identify potential bottlenecks, develop solutions, and implement them with the help of the web development team.
• Maintain and oversee code repositories, code branching, and repository merging.
• Ensure developers are following all code and security standards by reviewing commits, making suggestions, and verifying code is up to standards and secure prior to going to production.
• Lead and execute change management procedures, ensuring seamless transitions and organizational readiness for evolving processes, technologies, and strategies.
• Participate in hands on development to assist the team as needed.
• Stay up to date on new security threats and industry trends, allowing the web development team to be proactive in combating fraud and security threats.
• Implement yearly security training for all developers on the team.
• On call availability required for system support as needed (includes nights and weekends).