How the Move to DevSecOps is Changing the Tech Job Market
08/11/22 by Motion Recruitment
As the DevOps world is starting to evolve into DevSecOps, the hiring process is evolving along with it. Studies are showing a 32.2% compounded annual growth rate for the DevSecOps market through 2028, reaching a projected revenue of over $23 billion. What will the influx of cash mean for those looking for a job in the tech industry? To find out, it’s important to understand exactly what DevSecOps is and why it’s important, how it’s changing from DevOps, what types of businesses will be making the move to DevSecOps, and finally, how all of these factors will affect the job market.
What is DevSecOps and how does it differ from DevOps?
At their core, DevOps and DevSecOps are philosophies in company structures that break down walls between departments. With DevOps, it is removing barriers between development teams and operations teams, keeping both sides of the equation aware and working together to make sure both sides have what they need to launch a successful product.
DevSecOps is a continuation of that process, but now with security being added to the thought process. As Kapil Bareja, Global Technical Leader at Saviyn explained, “By empowering the teams to take responsibility for security through the DevOps lifecycle, DevSecOps allows development, security and operations teams to find and remediate security issues faster.”
Why DevSecOps Is Important and Growing in Popularity
Cyber security is now more than ever at the forefront of the tech industry, with even the Office of the President issuing an Executive Order to improve the cyber security of critical infrastructure in the United States. But for companies, implementing cyber security protocols can’t get in the way of efficiency.
It’s this necessity for efficiency, while improving the security of a product, that leads to one of the biggest reasons for the continued move to DevSecOps: Automation. By thinking of security at the outset, things like checking for vulnerabilities can go from a time-consuming manual job to an automatic process that happens has a program is being built out. An automated DevSecOps philosophy done well leads to a win/win for companies, a product to the public that is done safer and completed faster.
What Industries are Moving to DevSecOps Quickly?
According to recent studies, the BFSI (Banking, Financial Services, and Insurance) industry is primed to see the largest growth in DevSecOps spending over the next decade. This tracks with consumer trends, as the increased popularity of mobile banking and investment has led to a dramatic increase in cyber attacks on the banking industry.
Currently, IT and telecommunication are the biggest drives in investing in DevSecOps, being responsible for over 20% of DevSecOps revenue share. With DevSecOps being helpful with maintaining compliance efforts, IT and telecommunications have been a natural fit as one the first major sector to embrace DecSecOps practices.
Where is DevSecOps Headed in the Future?
In the next few years, the tech industry will continue to see the push toward the integration of DevSecOps with product and enterprise application development. There are specific parts of the economy that a DevSecOps implementation will be paramount, with software supply chain security expected to be a place where DevSecOps could be helpful to improve processes. Bareja predicts, “Third Party Risk Management teams will likely play a key role in developing programs to track and assess software supply chain security, especially considering they are usually the front-line team who also receives inbound security questionnaires from their business partners.”
Additionally, container security automation will be somewhere that DevSecOps will see growth, especially in businesses that have to operate under strict compliance frameworks. Those working under PCI-DSS, HIPAA, GDPR, and other strict compliance frameworks will see an accelerated push into container security automation in 2022.
What Does the DevSecOps Influx Mean for Job Seekers?
With this increase of companies looking to have DevSecOps part of their product cycles, businesses will be looking for developers that have at least a passing knowledge of security and for security workers to have a basic understanding of developer tools. The continual move left of security is the main driver of the need for this knowledge. That being said, it does not mean these roles will meld into one. It’s will not be the job of developers to have extensive knowledge of security protocols, or for security personnel to become experts in topics like Kubernetes, but those who can grasp the basics and know how their skills fit into the DevSecOps process will be candidates in high demand inside the DevSecOps Market.
Working in DevOps or DevSecOps and looking for a new opportunity in your career? Contact your local Motion Recruitment office today to connect with one of our recruiters to see how we can help you take your tech career to the next level and find the role that checks all the boxes of what you're looking for in a tech role.