View All Jobs 124322

Devsecops Consultant

Design and implement reusable multi stage YAML pipelines for the e-Comment web application
Geneva, Geneva, Switzerland
Mid-Level
$280 USD / day
21 hours agoBe an early applicant
ITUUN tech agency

ITUUN tech agency

Specialized United Nations agency coordinating global telecommunications standards, spectrum management, and digital development to foster inclusive, secure information and communication technologies.
1 Similar Job at ITUUN tech agency

Devsecops Consultant

Vacancy notice no: 2278 Sector: BR Department: IAP Country of contract: Switzerland Duty station: Geneva Position number: [[positionNumber]] Grade: [[PositionGrade]] Type of contract: Consultant Duration of contract: 6 months Recruitment open to: External Application deadline (Midnight Geneva Time): 6 April 2026

The Radiocommunication Bureau (BR) is responsible for the application of the Radio Regulations and for technical and administrative support of ITU World and Regional Radiocommunication Conferences, Radiocommunication Assemblies and Study Groups. The Bureau also carries out the international regulatory processes for registration of frequency assignments and satellite orbits and assists administrations in their coordination and implementation of frequency spectrum and orbit requirements as well as in resolving cases of harmful interference. It provides the specialised technical secretariat for the work of the Radiocommunication Study Groups and the Radiocommunication Assembly in the development of recommendations for spectrum utilisation and radio system characteristics. The BR is organised into four Departments: Space Services Department, Terrestrial Services Department, Informatics, Administration and Publications Department and the Study Groups Department.

The Informatics, Administration and Publications Department (IAP) comprises of four Divisions: Space Applications Software (SAS), Terrestrial Applications Software (TAS), Common Software Platform Division (CSP) and Business Operations and Planning Division (BOP). The Department is responsible for the development and maintenance of software and related tools used by the BR as well as software adapted for national frequency management units, providing the necessary user support for the areas concerned. It carries out studies related to policies for the technologies to be used for the information and computational systems within the BR and with administrations in the fields of management of the radio frequency spectrum and the various satellite orbits. The Department is responsible for managing all aspects of the BR's operations, including the development of BR operational plans, organizational support of ITU-R conferences and meetings, BR project management processes and procedures, BR text editing and publications, as well as promotion and membership. The Department is also responsible for human resources management and planning for the BR.

Background Information

This consultancy is within the Common Software Platform Division (CSP) in the Informatics, Administration and Publications Department (IAP) that is responsible for modernizing and evolving software applications and related tools used in the BR. The objective of this consultancy is to support the implementation of the e-Comment project. E-Comment is a new web application (React frontend/.Net backend) which will replace the SpaceCom legacy desktop application for commenting on coordination requirements established by the BR.

Terms Of Reference

Under the guidance of the head, CSP division the consultant will:

  • Conduct a technical assessment of current CI/CD pipelines, build processes, tooling, infrastructure automation, and security practices. Identify areas for improvement aligned with best practice DevSecOps standards.
  • Create or improve automated Azure DevOps pipelines for web and desktop applications, including building, testing, security scanning, dependency analysis, packaging, and deployment across multiple environments. Establish pipeline templates and standards for scalable reuse across multiple BR applications. Enhance deployment reliability through rollback mechanisms, approvals, and reproducible build practices.
  • Integrate automated security scanning (SAST, DAST, SCA, container scanning), vulnerability management, license compliance checks, and secure build practices into all pipelines.
  • Containerize appropriate services (where feasible) and design deployment pipelines for cloud platforms (Azure and/or AWS).
  • Implement automated workflows for building, packaging, code signing (including Windows executables), and distributing desktop applications in a secure, repeatable manner.
  • Configure or improve Infrastructure-as-Code (IaC) templates, monitoring, logging, and environment provisioning to ensure consistent and reproducible infrastructure.
  • Work closely with developers to define requirements, establish DevSecOps standards, and train teams on new tools and processes. Produce clear, maintainable documentation covering DevOps workflows, security practices, pipelines, troubleshooting procedures, and operational guidelines.

Concrete Deliverables

  • Design and implementation of reusable multi stage YAML pipelines for the e-Comment web application, including: Dev → QA → Prod staged deployments, automated IIS deployment, built in rollback mechanisms, automated unit test execution, code coverage reporting, static code analysis via SonarQube, automated security vulnerability scanning and quality gate checkpoints integrated into the CI process. These pipelines should adopt best practice DevSecOps patterns, support containerization/cloud deployment, and must be designed for reuse across other BR web applications, ensuring a unified and secure development lifecycle.
  • Creation of a fully automated desktop application build and release pipeline for SpaceGIBC including secure file-based code signing integration, automated build, packaging, and versioning, staged rollout strategy and automated distribution workflows. The templates should be designed for reusability across other desktop applications. This pipeline should follow secure practices, ensuring reproducible and trusted executable generation.
  • Assessment of a technical feasibility for containerizing the SpaceGIBC desktop application, documenting findings, constraints, and recommended architecture. Where feasible, implementation of a proof-of-concept containerized deployment with reusable Azure DevOps pipelines for building, scanning, and deploying container images to a cloud environment. If full containerization is not viable within scope, delivery of a baseline pipeline architecture applicable to other BR applications that are suitable for containerization.
  • Conduct of practical training sessions for developers covering Azure DevOps pipeline creation and management, best practices for CI/CD, DevSecOps, and automation and usage of new templates, tools, and workflows.
  • Documentation of all implemented processes, pipelines, standards, and procedures in Confluence, ensuring smooth adoption across teams.

Competencies

  • Azure DevOps (multi-stage YAML pipelines, environments, approvals, pipeline templates, Azure Artifacts).
  • DevSecOps tooling (SAST, DAST, SCA, container scanning, SonarQube, quality gates).
  • Windows desktop application build automation (MSBuild, packaging, versioning, code-signing).
  • Containerization and container image management (Docker, Azure Container Registry).
  • Cloud deployment on Azure (App Services, AKS or Container Apps, Key Vault).
  • Infrastructure-as-Code (Bicep or Terraform), environment provisioning, and basic observability configuration (Azure Monitor, Application Insights).
  • Scripting and automation (PowerShell, Bash).
  • IIS deployment automation and web application release management.
  • Technical documentation and developer training.

Qualifications Required

Education:

Advanced university degree in systems engineering or information technology, or computer science or a related field OR education from a reputed college of advanced education with a diploma of equivalent standard to that of an advanced university degree in one of the fields above.

Experience:

At least five (5) years of experience in the field relevant to the Special Service Agreement (SSA).

  • Proven experience in designing and automating CI/CD pipelines and deployment processes for web and/or desktop applications, primarily in Windows environments using Azure DevOps.
  • Demonstrated hands on experience with containerization and deploying applications to cloud environments, preferably Azure and/or AWS.
  • Experience in applying DevSecOps practices such as automated testing, code quality checks, and security scanning within CI/CD workflows.
  • Hands-on experience in automating desktop application building pipelines, including packaging, versioning, and code-signing of Windows executables in a CI/CD context.
  • Experience with Infrastructure-as-Code (IaC) and configuration management tools (e.g., Terraform) is desirable.
  • Prior involvement in modernizing legacy build or deployment processes and transitioning them into modern automated CI/CD workflows is desirable.
  • Experience with AKS, Azure Container Apps, or equivalent orchestration platforms is desirable.

Languages:

Knowledge of English or French at advanced level.

Remuneration Information

USD 280 per working day.

+ Show Original Job Post
Suggest a correction
























Devsecops Consultant
Geneva, Geneva, Switzerland
$280 USD / day
Operations
Apply to job
About ITUUN tech agency
Specialized United Nations agency coordinating global telecommunications standards, spectrum management, and digital development to foster inclusive, secure information and communication technologies.