Consultant Data Security - Cloud IdP DevSecOps

*Please note: the service contract for this position will not be concluded with Henkel AG & Co. KGaA but with an external party”.

Project names:

Cloud IdP – DevSecOps

Project description:

The project is about to assess DevOps Tools, practices and patterns as part of Henkel dxS Cyber Security Unit. Develop Security focused procedures which suite and assist DevOps processes. Assess Tools and processes currently in use and design approach to implement Security Standards within these tools and processes

Detailed task description: 

- assess current DevOps tool and process landscape at Henkel. 

⮚ Conduct 2-4 workshops with Security stakeholder and DevOps teams to collect applications and requirements. 

⮚ Propose and develop decision matrix and criteria that will be validated and approved by Henkel Security stakeholder. 

- Analyze and evaluate DevOps tools and processes by multiple factors: 

⮚ risk to the organization 

⮚ effort/opportunity to enhance easily 

⮚ long term strategy 

- Propose and develop further factors that will be validated and approved by Henkel Security stakeholders 

- Provide, create or design necessary procedures, methodology or policies to affiliate DevOps processes. Include requirements from Sec stakeholders into concept proposal that were gathered during the workshops. 

- Analyze and evaluate security processes, with focus on: Importance to DevOps, feasibility to adjust them, biggest impact on DevOps. The processes will be provided in advance by Henkel. Results of analysis and evaluation will be validated and approved by Henkel. 

- Knowledge transfer of importance to DevOps, feasibility to adjust them, biggest impact on DevOps during a workshop to two dedicated DevOps Engineers. All created documents/proposals mentioned above will be part of this workshop.