SOAR technologies strive to automate some of the repetitive human effort required to maintain a strong security posture. Here's how SOAR tools fit into an enterprise security strategy.
DevOps jobs: 5 trends to watch
What’s hot in DevOps job titles, skills, and organizational strategies? Take note, job seekers and hiring managers
Whether you’re going after a DevOps job or building out a DevOps team, you need to understand the overall DevOps jobs landscape. It’s not always simple. While DevOps continues to gain steam in IT organizations, it’s still a discipline that is relatively young. That leads to some confusion and debate around things like job titles, necessary skills, and organizing principles – even as DevOps salaries continue to rise.
[ Some common DevOps wisdom falls flat. Read 7 pieces of contrarian DevOps advice. ]
The Enterprisers’ Project talked to Eveline Oehrlich, research director and research lead for the DevOps Institute’s 2019 DevOps Skill Report about some of the most important shifts taking place as the DevOps discipline and job market continues to evolve. The data from your peers proves illuminating:
1. DevOps Engineer title dominates
Titles for DevOps professionals have been in flux from the start, but DevOps Engineer is beginning to emerge as a clear frontrunner. It’s worth noting some DevOps practitioners still dislike this title.
[ Read also: The great “DevOps engineer” title debate. ]
According to the DevOps Institute’s most recent survey, 39 percent of respondents around the globe were recruiting for the DevOps Engineer/Manager title. Behind that were Software Engineer (29 percent), DevOps Consultant (22 percent), Test Engineer (18 percent), Automation Architect (17 percent), Infrastructure Engineer (16 percent), and CI/CD Engineer (16 percent).
The takeaway for IT leaders: Be clear about the particular role's needs and expectations. “[They] must leverage the DevOps engineer/manager role, but define in its job description what it means, what skills are necessary (soft, technical, functional, or otherwise) in the context of their DevOps journey,” says Oehrlich. “Every DevOps engineer/manager job is different as it depends on the team’s topology, maturity of the company, roadmap to achieve velocity and quality of software, and culture.”
2. DevOps shops demand multi-faceted professionals
Companies are making the shift from seeking I-shaped individuals — those with one specialization — to T-shaped professionals who still have a specialization, but also have broad expertise to cap it off, says Oehrlich.
Early DevOps shops were staffed with a suite of specialists like security practitioners, software developers, or infrastructure engineers. But as digital transformation has emerged as a top priority, organizations are seeking or grooming tech pros who have not only depth of knowledge in a particular area but also a wide breadth of know-how in related areas like testing. Examples of T-shaped roles include site reliability engineers (SREs) and test-driven developers.
The functional skills most in demand for DevOps hires include IT operations knowledge (52 percent), IT infrastructure knowledge (45 percent), security practices (45 percent), and application development and delivery (41 percent). “Leaders must look for T-shaped individuals who are able to help them shift their organization into the future,” Oehrlich says.
3. Teams struggle to bring DevOps enterprise-wide
There’s not a lot of clarity in the market about whether DevOps will be a project-based discipline or one that will be adopted enterprise-wide. As we recently noted, doing DevOps and doing DevOps at scale are two very different things: Many organizations do a great pilot project or two, then stumble. Culture change often proves to be the chief hurdle.
According to the DevOps Institute data, nearly a quarter of respondents (24 percent) have cross-functional groups distributed across IT teams and business units. However, 22 percent are still forming DevOps teams on just a project-by-project basis.
[ Read also: How to scale DevOps: 10 expert tips. ]
“The digital transformations organizations have started, many have been dragging their feet on because their environments are complex and the funds to make changes across the entire enterprise are difficult to get,” says Oehrlich. Also, enterprises that have command-and-control cultures with deeply ingrained organizational charts face tough cultural challenges transforming their organizations.
Do you have experience helping an organization tackle culture change? By all means, talk about it, and the lessons learned, in your resume and interview. This makes you a more valuable DevOps job candidate.
4. Site Reliability Engineering (SRE) gains buzz
SRE – a discipline that applies aspects of software engineering to infrastructure and operations problems – is the acronym du jour, according to Oehrlich. In fact, 10 percent of survey respondents said they were recruiting site reliability engineers – a result that surprised the DevOps Institute’s research team. Google is responsible for SRE, an approach it came up with several years ago. While no one offers a concise definition of the approach, the founder of Google’s SRE team has described it as “what happens when a software engineer is tasked with what used to be called operations."
Some SRE disciplines include a mathematical formula for making the go/no go launch decision and assigning operations professionals to oversee software reliability (the site reliability engineers).
While there’s no denying increased interest in SRE, Oehrlich is concerned that IT leaders may be looking to it as some kind of panacea. “Unless there is a fundamental change in how we allow our people to work – it will be another band-aid,” she says.
[ Some people get confused about Agile vs. DevOps. We break it down: Read Agile vs. DevOps: What’s the difference? ]
5. DevSecOps approach wins over IT leaders
The speed that agile development and DevOps enables comes with risk. Frequently changing code, expanding attack surfaces, and a rapidly evolving threat landscape make security a critical concern. Enter DevSecOps (or SecDevOps, or even Rugged DevOps), an approach that builds security into development and deployment workflows from the start.
“We see this clearly in the demand for the security practice skills in our functional skill category,” Oehrlich says. “Complexity and the continual effort to improve the digital customer experience forces DevOps to become DevSecOps as security must be an integral part of this important journey.”