A DevSecOps career involves integrating security practices into the DevOps process to ensure that security is an integral part of the software development lifecycle.
DevSecOps promises a rewarding and fulfilling career, so if you enjoy exploring new technologies, finding creative solutions to security challenges, and staying on the cutting edge of technology, DevSecOps may be a great fit for you.
To give you an understanding of what to expect in a DevSecOps role and to answer your frequently asked questions, we sat down with Max, who currently works as a Content Engineer at TryHackMe, after previously working as a DevSecOps Engineer for three years.
What does a day in the life of a DevSecOps Engineer look like?
Funny you ask that question. Part of why DevSecOps appeals to me so much is that it's so complicated to define a ‘day in the life’. It is often described as a ‘Swiss army knife’ role because you have to put together what you have learned from different fields (e.g. combining software engineering skills with security architect skills). This can be a challenge at first, but eventually, the reward is that your days often contain lots of variety, with different projects and tasks giving you a much-needed context shift. That being said, of course, there are some tasks which are frequent/common, including:
- Depending on corporate structure, a daily morning call occurs where you discuss your current tasks, take some tickets to action, and go over any security incidents. Usually, you will have some technical tickets that need to be actioned, which can range from a simple security config change to installing an agent to monitor for malicious activity.
- Security automation tasks - your aim here is usually to take a manual process which currently eats up a lot of your team's time and automate it. For example, creating a script to automate the detection, triaging and mitigation of certain security incidents.
- Optimisation - usually some time is dedicated to finding ways to fill gaps. What can be done more efficiently, or more securely?
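As an added illustration of the "script to automate detection, triaging and mitigation" task mentioned above (example code written for this article, not Max's or TryHackMe's own tooling): the script below parses constructed sshd-style log lines, flags source IPs that exceed a failed-login threshold inside a time window, assigns a triage severity, and produces proposed mitigation records as data for a later pipeline step to act on. The log lines, the threshold and window, and the severity rules are all assumptions made for the example.

```python
"""Constructed example: detection -> triage -> proposed mitigation over
sshd log lines. The sample log below is invented for the example."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (syslog-style sshd messages, not real data).
SAMPLE_LOG = """\
2024-03-01T09:00:01 sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 50112 ssh2
2024-03-01T09:00:03 sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 50113 ssh2
2024-03-01T09:00:04 sshd[1201]: Failed password for root from 203.0.113.7 port 50114 ssh2
2024-03-01T09:00:06 sshd[1201]: Failed password for root from 203.0.113.7 port 50115 ssh2
2024-03-01T09:00:07 sshd[1201]: Failed password for root from 203.0.113.7 port 50116 ssh2
2024-03-01T09:00:09 sshd[1201]: Accepted publickey for deploy from 203.0.113.7 port 50117 ssh2
2024-03-01T09:05:00 sshd[1340]: Failed password for alice from 198.51.100.4 port 40001 ssh2
2024-03-01T09:05:30 sshd[1340]: Accepted password for alice from 198.51.100.4 port 40002 ssh2
2024-03-01T10:00:00 sshd[1400]: Failed password for bob from 192.0.2.9 port 30001 ssh2
2024-03-01T10:20:00 sshd[1400]: Failed password for bob from 192.0.2.9 port 30002 ssh2
2024-03-01T10:40:00 sshd[1400]: Failed password for bob from 192.0.2.9 port 30003 ssh2
"""

# Matches both "Failed password for invalid user X from IP" and
# "Accepted publickey for X from IP".
LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) \S+ for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>[\d.]+) port \d+"
)


def parse(log_text):
    """Turn log lines into event dicts; lines that do not match are skipped."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        events.append({
            "ts": datetime.fromisoformat(m.group("ts")),
            "result": m.group("result"),
            "user": m.group("user"),
            "ip": m.group("ip"),
        })
    return events


def detect_bruteforce(events, threshold=5, window=timedelta(minutes=10)):
    """Sliding-window failure count per source IP (threshold/window are assumed values).

    Returns {ip: {"failures": n, "users": set, "success_after": bool}} for
    every IP that reached `threshold` failures within `window`."""
    by_ip = defaultdict(list)
    for e in events:
        by_ip[e["ip"]].append(e)
    hits = {}
    for ip, evs in by_ip.items():
        evs.sort(key=lambda e: e["ts"])
        fails = [e for e in evs if e["result"] == "Failed"]
        for i, first in enumerate(fails):
            in_window = [f for f in fails[i:] if f["ts"] - first["ts"] <= window]
            if len(in_window) >= threshold:
                last_fail = in_window[-1]["ts"]
                hits[ip] = {
                    "failures": len(in_window),
                    "users": {f["user"] for f in in_window},
                    # A successful login after the burst is the case that must be
                    # looked at first: it may be a compromised account.
                    "success_after": any(
                        e["result"] == "Accepted" and e["ts"] > last_fail for e in evs
                    ),
                }
                break
    return hits


def triage(hits):
    """Assign an assumed severity scheme and order findings by it."""
    findings = []
    for ip, h in hits.items():
        if h["success_after"]:
            sev = "high"
        elif "root" in h["users"]:
            sev = "medium"
        else:
            sev = "low"
        findings.append({"ip": ip, "severity": sev, **h})
    order = ["high", "medium", "low"]
    return sorted(findings, key=lambda f: order.index(f["severity"]))


def propose_mitigation(findings):
    """Emit mitigation records as data for a downstream firewall/ticketing
    step, so the script can be dry-run before anything acts on its output."""
    actions = []
    for f in findings:
        if f["severity"] == "high":
            actions.append({"ip": f["ip"], "action": "block_ip_and_open_incident"})
        else:
            actions.append({"ip": f["ip"], "action": "rate_limit_ssh", "ttl_hours": 24})
    return actions


def run(log_text):
    """Full pipeline: returns (triaged findings, proposed actions)."""
    findings = triage(detect_bruteforce(parse(log_text)))
    return findings, propose_mitigation(findings)


if __name__ == "__main__":
    for f in run(SAMPLE_LOG)[0]:
        print(f["severity"], f["ip"], f["failures"], sorted(f["users"]))
```

On the constructed sample, only 203.0.113.7 trips the rule (five failures in eight seconds followed by an accepted key login), while the scattered failures from 192.0.2.9 stay below the window threshold, which is exactly the kind of noise a manual review wastes time on.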
How did you become interested in DevSecOps, and what motivated you to pursue a career in this field?
I originally worked in a SOC Analyst-type role. I enjoyed my time there and, in quiet moments, would use the time to script the automation of tasks which would save my team time. This eventually became my favourite part of the job, although it wasn’t really part of my job, just something I enjoyed doing.
This is when I started to consider DevSecOps might be a more fulfilling area for me. The more research I did, the more certain and motivated I became too. As I mentioned in the first answer, I could tell there would be a lot of variety in the role, and that was something I wanted.
What tools and technologies do you commonly use in your role as a DevSecOps Engineer? How do they contribute to your daily tasks?
Well! DevSecOps has a whole bunch of tools used. I’ll break down some of the most common ones:
- Container Technologies (e.g. Docker): used to package applications and their dependencies into a standardised unit.
- Kubernetes: a container orchestration system used to orchestrate the above-mentioned container technologies.
- IaC tools (e.g. Terraform, Ansible, AWS CloudFormation, Chef, Pulumi): There are two types of IaC tools. ‘Infrastructure provisioning’ tools take the infrastructure defined in code and provision it in an on-premises or cloud environment. ‘Configuration management’ tools are then used to automate the configuration of that provisioned infrastructure.
- CI/CD tools (e.g. Jenkins, GitLab): These tools are used for CI/CD pipelines, meaning the automation of building, testing and deploying applications.
A common task that involves a few of these is triggering a GitLab pipeline which has a build step; this build step rebuilds a Kubernetes deployment (running pods containing Docker containers) with a fresh security config for a tenant.
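To make the "build step that rebuilds a Kubernetes deployment with a fresh security config for a tenant" concrete, here is an added example (written for this article, not code from Max, TryHackMe or GitLab): a script a pipeline job could run that merges a hardened `securityContext` into a tenant's Deployment, re-audits the result against a small policy, and only then hands the manifest on for `kubectl apply`. The Deployment template, the tenant name, the specific hardening values and the policy rules are all assumptions for the example; the manifest is held as a plain dict in the JSON shape `kubectl get deployment -o json` produces, so the script needs only the standard library.

```python
"""Constructed example: pipeline build step that stamps a tenant Deployment
with a hardened security config and fails the job if the policy still fails."""
import copy
import json

# Constructed tenant template; deliberately carries no security settings.
BASE_DEPLOYMENT = {
    "apiVersion": "apps/v1",
    "kind": "Deployment",
    "metadata": {"name": "web", "namespace": "tenant-placeholder"},
    "spec": {
        "replicas": 2,
        "selector": {"matchLabels": {"app": "web"}},
        "template": {
            "metadata": {"labels": {"app": "web"}},
            "spec": {
                "containers": [
                    {"name": "web", "image": "registry.example/web:1.4.2",
                     "ports": [{"containerPort": 8080}]},
                ]
            },
        },
    },
}

# The "fresh security config" applied on every rebuild (assumed baseline).
HARDENED_CONTAINER_CONTEXT = {
    "runAsNonRoot": True,
    "allowPrivilegeEscalation": False,
    "readOnlyRootFilesystem": True,
    "privileged": False,
    "capabilities": {"drop": ["ALL"]},
}
HARDENED_POD_CONTEXT = {"runAsNonRoot": True, "seccompProfile": {"type": "RuntimeDefault"}}


def apply_security_config(manifest, tenant):
    """Return a copy of `manifest` for `tenant` with the hardened contexts merged in.
    Baseline keys override whatever the tenant template carried, so a template
    cannot quietly weaken the configuration the pipeline is meant to enforce."""
    m = copy.deepcopy(manifest)
    m["metadata"]["namespace"] = f"tenant-{tenant}"
    m["metadata"].setdefault("labels", {})["tenant"] = tenant
    pod_spec = m["spec"]["template"]["spec"]
    pod_spec["securityContext"] = {**pod_spec.get("securityContext", {}), **HARDENED_POD_CONTEXT}
    for c in pod_spec["containers"]:
        c["securityContext"] = {**c.get("securityContext", {}), **HARDENED_CONTAINER_CONTEXT}
    return m


def audit(manifest):
    """Policy check over the pod spec. Returns findings; an empty list is a pass."""
    findings = []
    pod_spec = manifest["spec"]["template"]["spec"]
    if not pod_spec.get("securityContext", {}).get("runAsNonRoot"):
        findings.append("pod: runAsNonRoot not set")
    for c in pod_spec.get("containers", []):
        sc = c.get("securityContext", {})
        name = c["name"]
        if sc.get("privileged"):
            findings.append(f"{name}: privileged container")
        if sc.get("allowPrivilegeEscalation", True):
            findings.append(f"{name}: allowPrivilegeEscalation not disabled")
        if not sc.get("readOnlyRootFilesystem"):
            findings.append(f"{name}: root filesystem writable")
        if "ALL" not in sc.get("capabilities", {}).get("drop", []):
            findings.append(f"{name}: capabilities not dropped")
        # An image without a tag or digest floats to :latest between rebuilds.
        ref = c["image"].rsplit("/", 1)[-1]
        if "@sha256:" not in c["image"] and (":" not in ref or ref.endswith(":latest")):
            findings.append(f"{name}: image not pinned ({c['image']})")
    return findings


def build_step(manifest, tenant):
    """What the pipeline job runs: harden, re-audit, then return manifest JSON
    ready for `kubectl apply -f -`, or fail the job with the findings."""
    hardened = apply_security_config(manifest, tenant)
    findings = audit(hardened)
    if findings:
        raise SystemExit("policy check failed:\n  " + "\n  ".join(findings))
    return json.dumps(hardened, indent=2)


if __name__ == "__main__":
    print(build_step(BASE_DEPLOYMENT, "acme"))
```

In a GitLab job this would sit in the build stage as something like `python3 harden_deploy.py acme > deploy.json` followed by `kubectl apply -f deploy.json` (file name and invocation assumed); because `build_step` exits non-zero on findings, a template that slipped through with `privileged: true` or a floating image tag stops the pipeline rather than reaching the cluster.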
How do you stay updated on the latest security threats, vulnerabilities, and industry best practices?
For this, I always recommend surrounding yourself with the right people and sources. It’s definitely a lot easier if you already work in cyber because if there’s one thing people in cyber like talking about, it’s cyber!
If you’re starting out, you won’t always have the luxury of your colleagues giving you a breakdown of the latest cyber threats the minute they’re announced. For budding cyber enthusiasts, I would recommend finding a cyber community which you can actively communicate with, for example, on Discord, and following a few people from ‘cyber Twitter’.
Essentially, make it so that you're flooded with updates on the latest security threats, vulnerability exploitation videos, and articles on industry best practices every day.
Are there any specific resources or communities you find particularly valuable for your ongoing learning?
A nice segue from the last question! Might sound biased now, but I was a member of the TryHackMe Discord community long before I worked here. The TryHackMe community is full of smart, passionate cyber enthusiasts and is a great way to expose yourself to the world of cyber and get turned on to all the right resources.
How does your experience come into play when you create TryHackMe training rooms?
Well, everybody who knows something learned it at one time or another. In my experience as a DevSecOps engineer, I hit a lot of walls when learning the fundamentals or new technologies. I try to remember the walls I hit and why I hit them, then write the content in a way that would keep ‘past-Max!’ from hitting those walls and (hopefully) our user base too.
What would you say to other people who are considering a career as a DevSecOps Engineer?
As mentioned at the beginning of this interview, DevSecOps is a ‘Swiss army knife’ role combining different skill sets from multiple roles. Upskilling in all of these skill sets can be daunting, but just take it a step at a time.
I also suggest making personal projects that combine a skill you already have with one you want to learn. Take it from there and keep going. Throughout this interview, I mentioned a few of the difficulties I faced while trying to become a DevSecOps Engineer, but overcoming those challenges and landing the role was incredibly rewarding.
I loved my time as a DevSecOps Engineer, and if you also like the sound of it, there's no better time to start with TryHackMe’s new DevSecOps learning path!
Max, thank you so much for your insight. If you’d like to follow Max’s journey, check him out on LinkedIn!
Check out the TryHackMe DevSecOps training to kickstart your DevSecOps journey!