I am a frontend developer, planning to gain hands on experience in DevOps. However, I'm not sure of if only DevOps or DevSecOps.
Recently I tried learning Jenkins while last year took an Udemy course on AWS. I am pretty much aware of Shared hosting & have practical experience on this.
My question is what career/learning path I should choose?
DevOps is more than just a CI/CD tool. A really important aspect is culture. If you would google you can find a lot of information about that. Regarding the technical knowledge, it could be a good idea to take a look at https://roadmap.sh/devops, or in your case maybe the beginners version: https://roadmap.sh/devops?r=devops-beginner. But notice that everyone's path is different. The roadmap really focuses on the linux/docker stack ecosystem, while my current customer is a Microsoft house, meaning that my knowledge of PowerShell, C# and Bicep is really useful. Good luck and please ask for more details if needed.
Given your background as a front-end developer with experience in Jenkins and AWS, you already have a good foundation.
For a career path in DevOps, you can consider the following steps:
Continue with Jenkins: Since you've already started learning Jenkins, deepen your knowledge and explore advanced features. Jenkins is a widely used automation tool in the DevOps ecosystem.
AWS Skills: Continue building on your AWS skills. Understanding cloud services is crucial in a DevOps role, and AWS is a prominent cloud platform.
Learn Version Control: Familiarize yourself with version control systems like Git. Proficiency in Git is essential for collaborative development and continuous integration.
Containerization: Explore containerization technologies like Docker. Containerization is a fundamental aspect of modern DevOps practices.
Infrastructure as Code (IaC): Learn Infrastructure as Code tools like Terraform or AWS CloudFormation. This helps in managing and provisioning infrastructure in an automated and scalable way.
Continuous Integration/Continuous Deployment (CI/CD): Build on your Jenkins knowledge to understand and implement CI/CD pipelines. This is a key aspect of DevOps, ensuring continuous delivery and deployment.
DevSecOps stands for development, security, and operations. It is an extension of the DevOps practice. Each term defines different roles and responsibilities of software teams when they are building software applications. Some of the skill sets that you need to incorporate to achieve this through the DevOps process are:
Security Fundamentals: Gain a solid understanding of security fundamentals, including threat modeling and risk assessment.
Security in CI/CD: Learn about integrating security checks into the CI/CD pipeline. Tools like SonarQube or Checkmarx can help in static code analysis.
Container Security: Understand how to secure containers, especially if you're using Docker. Learn about tools like Clair for vulnerability scanning.
Infrastructure Security: Extend your knowledge to secure infrastructure as code. This involves implementing security measures in your IaC scripts.
Compliance and Auditing: Learn about compliance standards and how to implement auditing in your DevOps processes.
Ultimately, the choice between DevOps and DevSecOps depends on your interests. DevSecOps is gaining prominence as organizations prioritize security throughout the development lifecycle. You can learn more about the path and the platforms that you need to learn in Roadmap.sh
