Explaining DevSecOps Engineer FULLY (Is It Right For You?)
Ғылым және технология
In this video, Ashish Rajan, cybersecurity executive and cloud security expert about the DevSecOps role, what it is, whats great about it, whats tough about it, and how YOU can get the skills to take on that role.
📒 Show Notes 📒
⏰ Markers
0:00 Preview
1:26 What is the DevSecOps Engineer job?
7:07 What skills are needed to do the job?
12:13 What is/are the PROS of the job?
13:57 What is/are the CONS of the job?
17:12 Best way to get these skills?
Simply Cyber's mission is to help purpose driven professionals make and and take a cybersecurity career further, faster.
📱 Social Media
LinkedIn: / geraldauger
Twitter: / gerald_auger
KZread: / geraldauger
Discord: / discord
Twitch: / gerald_auger_simplycyber
🔥 My Curated Website of Free Cyber Resources
SimplyCyber.io
📷 🎙 💡 MY STUDIO SETUP
📷 Camera / Video
Sony Alpha a6400 amzn.to/2TZliEb
Sigma 30mm F1.4 amzn.to/3hEJFA2
Gonine AC-PW20 AC Adapter (for a6400) amzn.to/3wDZBqc
Fotga 52mm Slim Fader amzn.to/3khne5w
Boom Scissor Arm Stand amzn.to/3efSv5b
Logitech C922 Pro Stream Webcam 1080P amzn.to/3i8AI0B
BlueAVS HDMI to USB Video Capture Card 1080P amzn.to/3i5JAEk
Anker USB C to HDMI Adapter amzn.to/3kjjoJ4
60-Inch Lightweight Tripod amzn.to/36B5j1u
5X 6.5ft Portable Green Screen Chromakey Collapsible amzn.to/3efW9Mp
Glide Gear TMP100 Adjustable Teleprompter amzn.to/3B36DrZ
🎙 Audio
Blue Yeti Nano Premium USB Mic amzn.to/3efWcb3
BOYA BY-M1 3.5mm Electret Condenser Microphone amzn.to/3AZzJIN
Boom Scissor Arm Stand amzn.to/3efSv5b
Neewer Professional Microphone Pop Filter Shield amzn.to/3ekdZOi
💡 Lighting
UBeesize 10’’ LED Ring Light amzn.to/3i23qAm
Neewer Ring Light Kit:18"/48cm Outer 55W 5500K Dimmable LED Ring Light amzn.to/2U0slwo
Fovitec 2-Light High-Power Fluorescent Studio Lighting Kit amzn.to/36zDS8A
Neewer 2-Pack Dimmable 5600K USB LED amzn.to/3B0crCQ
Neewer 480 RGB Led Light amzn.to/2Vzwmbf
60-Inch Lightweight Tripod amzn.to/36B5j1u
🧑🏻💻 Workstation
2020 Apple Mac Mini with Apple M1 Chip amzn.to/3wybMVL
Logitech MX Master 3 Advanced Wireless Mouse amzn.to/3xFCkWp
Apple Magic Keyboard amzn.to/3ehMRiP
Huanuo Dual Monitor Stand Mount amzn.to/3keFZqc
Dell U2717D IPS 27" UltraSharp InfinityEdge Slim Widescreen amzn.to/36znqoG
USB C to SD Card Reader amzn.to/2VG1RRd
StarTech 2 Port USB C KVM Switchamzn.to/3efWoa7
Toshiba Canvio Basics 1TB Portable External Hard Drive USB 3.0 amzn.to/3hZOK4A
External Hard Drive Portable Carrying Case amzn.to/3r62XRM
Mountable Surge Protector Power Strip with USB 5 Outlets 3 USB Ports amzn.to/3wDmlqv
🥼 Raspberry Pi Lab
Raspberry SC15184 Pi 4 Model B 2019 Quad Core 64 Bit WiFi Bluetooth (2GB) amzn.to/3i61EhI
Miuzei Case for Raspberry Pi amzn.to/2Vzyrnz
Micro Center 32GB Class 10 Micro SDHC Flash Memory Card with Adapter amzn.to/3B0Qm6X
Micro HDMI to HDMI Cable 6FT amzn.to/3ekpiG3
👉 Some product links are affiliate links which means if you buy something SimplyCyber receives a small commission (but it all costs the same to you, so consider it supporting the channel 😉 )
🙌🏼 Donate
Like the channel and got value? Please consider supporting the channel
www.buymeacoffee.com/SimplyCyber
😎 Merch 😎
👉🏼 SimplyCyber Branded Gear: teespring.com/stores/simplycyber
🎥 Livestreams are produced through StreamYard.
$10 credit using my referral link below if you ever upgrade to pro plan.
streamyard.com?pal=6534222448689152
Disclaimer: All content reflects the thoughts and opinions of Gerald Auger and the speakers themselves, and are not affiliated with the employer of those individuals unless explicitly stated.
Пікірлер: 23
Thanks for having our host on the show Gerald! You are a good interviewer :)
@SimplyCyber
2 жыл бұрын
🥰 You are very kind. Ashish was insightful and a delight.
Keep on bring the knowledge Gerry!
Thanks for having me on to talk about DevSecOps Gerald! :)
@SimplyCyber
2 жыл бұрын
Your insight was well received by the community.
I have a strong security architecture not devops. The learning curve was steep but possible. SANS Sec540 training helped glue everything together.
Great as usually, thank you :D
@SimplyCyber
2 жыл бұрын
Thanks so much. Ashish was great to talk to and really answer this question. ( I was wondering the answers too).
Your video is not explaining the role of a DevSecOps Engineer "FULLY." I am a DevSecOps Engineer and the role of a "DevSecOps Engineer" is much, much more than just building and maintaining CI/CD pipelines for deploying an application into Production with additional security checks. This is a major misconception people have with the term DevOps and DevSecOps as a cultural methodology vs what an actual DevOps or DevSecOps Engineer actually does. We do everything a DevOps Engineer does (the role of a Cloud Engineer and the role of a Systems Administrator, utilizing Infrastructure as Code/automation), but we also automate, manage, and maintain the security tools in addition (firewalls, IDS, IPS, etc) to meet compliance set fourth by RMF. In short a DevSecOps Engineer (at least at my organization) does DevOps (again which is not strictly CI/CD
@SimplyCyber
2 жыл бұрын
Want to come on as a guest?
Thanks for the great video! I agree about automating SAST and the mountain of false positives it can create being a massive headache. I am currently working as a DevSecOps Engineer. I would really like to hear about Ashish's journey from DevSecOps to CISO. That is my long term career goal, but I struggle with what to do next to make sure I am moving in that direction.
@SimplyCyber
2 жыл бұрын
Thanks for sharing! I'll message Ashish and see if he can answer that (or if he wants to come back on stream).
This was such a good, informative interview. I learned so much and I am looking at learning some DevSecOps soon!
@SimplyCyber
2 жыл бұрын
Thanks DJ. I learned a lot too, its def a mysterious role in the industry. Hope you're well and your projects are crushing it.
That was excellent. I had been wondering exactly what devsecops meant. A good goal to focus towards
@SimplyCyber
2 жыл бұрын
Glad it was helpful!
Is DevSecOps considered a track within Cybersecurity? I’m currently an ISSO and work with the RMF (GRC) and would like to pursue this track in the cleared space. DevSecOps is huge and new with the DoD and all the software factories standing up.
@AshishRajan
2 жыл бұрын
Yes James - that is correct!
@CoachRob619
4 ай бұрын
How did you land your ISSO role?
great video..i am currently into SOC in India.only problem for me are rotating shifts every week which is not suitable for my health..can you suggest roles after SOC that does not require shift work..any videos..btw great video
@SimplyCyber
2 жыл бұрын
Not sure how it works in India but digital forensics and malware Analyst are bot out of the blue side and would be familiar to soc analyst. I do have videos for each on the channel.
But once the dev ops pipeline is established after that does this DevSecOps engineer would do. What is mean if we we have team of 3 to 4 people they would have not much to do after the pipeline establishment
Timestamps 0:00 Preview 1:26 What is the DevSecOps Engineer job? 7:07 What skills are needed to do the job? 12:13 What is/are the PROS of the job? 13:57 What is/are the CONS of the job? 17:12 Best way to get these skills?