IN MPIN DevSecOps Expert

Company Description

In India, Bosch is a leading supplier of technology and services in the areas of Mobility Solutions, Industrial Technology, Consumer Goods, and Energy and Building Technology. Additionally, Bosch has in India the largest development center outside Germany, for end-to-end engineering and technology solutions. The Bosch Group operates in India through twelve companies: Bosch Limited – the flagship company of the Bosch Group in India – Bosch Chassis Systems India Private Limited, Bosch Rexroth (India) Private Limited, Bosch Global Software Technologies, Bosch Automotive Electronics India Private Limited, Bosch Electrical Drives India Private Limited, BSH Home Appliances Private Limited, ETAS Automotive India Private Limited, Robert Bosch Automotive Steering Private Limited, Automobility Services and Solutions Private Limited, Newtech Filter India Private Limited and Mivin Engg.Technologies Private Limited. In India, Bosch set-up its manufacturing operation in 1951, which has grown over the years to include 16 manufacturing sites, and seven development and application centers. The Bosch Group in India employs over 30,500 associates and generated consolidated sales of about Rs. 26,827 crores (3.1 billion euros) in fiscal year 2021-22 of which Rs. 24,406 crores (2.8 billion euros) are from consolidated sales to third parties. Bosch Limited is the flagship company of the Bosch Group. It earned revenue of over Rs. 11,782 crores (1.39 billion euros) in fiscal year 2021-22. 
Additional information can be accessed at www.bosch.in 

Job Description

About us

The Bosch Group is a leading global supplier of technology and services, in the areas of automotive technology, industrial technology, consumer goods, energy and building technology. In India Bosch. Limited is the flagship company of the Bosch Group. Over and above a strong presence in the India.

From a Bosch India perspective, we see a need to transform with new mind-sets -operating together with businesses, governments, and consumers- to imagine a future landscape focusing on efficient mobility concepts, clean energy needs, decentralized governance, convergence on connectivity etc.

We solve real world problems which mean to our planet. Either it is about Improve Air Quality of this planet with the help of Deep learning , Building Connected parking solutions with the help of IOT , Electrification to Fuel cell technology or Building Driverless Cars, by being a neutral player we have made our subtle presence in every second vehicle in this world and reimagined the way our planet can become sustainable , to know more about our mobility solutions. please click here to know more about Connected Mobility

About the role

If you have prior experience of leading teams and organizations that are on a DevOps journey sponsor development of generative culture, support their teams and inspire actions to continuously transform their teams to higher levels of organization performance then you should go through the below mentioned details. We are building our Mobility Solution Team from Scratch in India and hence looking for DevSecOps expert to enable Digitalization of the current systems in India

Qualifications

Roles & Responsibilities

• Project a vision, provide intellectual stimulation, inspire collaborative communication, support specific behaviors and pro-actively recognize personal behaviors.
• Engage early adopters in small cross-functional teams with shared goals to improve flow of their value streams using small batch sizes, tools and incremental processes.
• Employ value-stream mapping to visualize flow, determine metrics and current state of value-added tasks and

waste to guide improvements

• Use metrics and future state value stream mapping to identify improvement opportunities in People, Process and Tools.
• Fearlessly let go outdated information, work without bias to enthusiastically take in new information that improves effective decision-making and improve flow of work.
• Design the organization aligned with the vision and improve communication between cross-functional teams using concepts from Target Operating Models, Conway’s Law, SAFe.
• Passionately champion a vision with support from top management. Relentlessly promote changes across the organization incrementally to effect changes.
• Evangelize measurable business outcomes gained with the improved value stream while honestly contrasting prior performance.
• Lead DevSecOps teams achieve more frequent, secure, quality code deployments, faster lead time from commit to deploy, faster MTTR, lower change failure rates, and team satisfaction.

Capabilities

• Should be able to define Tactics, techniques and procedures (TTPs) describe how threat agents orchestrate and manage attacks. Threat Models optimize security by identifying objectives and vulnerabilities such as OWASP top ten, before defining counter measures. Continuous Delivery practices are engaged to realize continuous governance, risk management and compliance.
• Should be able to ensure Security is made continuously adaptive and auditable by breaking security silos, cultivating a symbiotic relationship between security and other business units. Security specific practices and integrated toolsets as code (such as security scans) enable automated security KPIs and observable security practices into the DevOps value stream.
• Should identify gaps between traditional waterfall security cultures and fast-paced DevOps cultures, are removed by building collaboration and trust. Through improving credibility, reliability and empathy while reducing self-interest. Decisions are based on advice from everyone affected and people with expertise using systems thinking. Shared metrics assure adaptable governance using discipline, with automation, transparency and accountability.
• Ensure Security is built into the value stream efficiently with empowered development teams implementing features securely, shift-left security testing, tools for automated feedback. Culture improvements instead of policy enforcements ensure security and software engineers are continuously cross-skilling and collaborating.
• Ensure Security test and scanning tools are integrated into the CI/CD pipeline to finding known vulnerabilities (published CVEs) and common software weaknesses (CWEs). Repetitive security tasks are automated such as configurations, Fuzz testing and long running security tasks. Compliance as Code helps in automating compliance requirements to foster collaboration, repeatability, and continuous compliance.
• Ensure Security is integrated into people, process, technology and governance practices. Continuous security practices for DevSecOps are implemented in onboarding processes for stakeholders. Security practices and outcomes are monitored and improved using data-driven decision making and response patterns. Lean and value stream thinking ensure that security does not cause waste, delays or constraints for flow.
• Ensure Value Stream Mapping establishes where security activities and bottlenecks currently happen. Collaborative design of a target value state map addresses security requirements, communication and automation improvements. Scope of the design includes practices for Artifact Management, Risk Management, Identity Access Management, Secrets Management, Encryption, Governance, Risk and Compliance, Monitoring and Logging, Incident response and learning.

Additional Information

An ideal candidate should have

• Ideal candidates should have a minimum of around 12+ years of Experience with at least 3 years of Management Experience
• Should have Handson experience on Building or Leveraging a Continuous Delivery Pipeline (CDP) —a high-performance innovation engine capable of delivering market-leading solutions at the speed of business
• Should have managed a hierarchy and a team of at least 50+ Member Engineering team.
• Should be strong in Program Management of large technology Projects
• Technology Skills Required: Building SAAS Platforms, Open Source Technologies, Strong Understanding of DevOps, Cloud security, container-based development, Microservice Architecture, MySql, NOSql DB
• B Tech or equivalent degree will be preferred