Mô Tả Công Việc
DevSecOps engineers will provide abilities on testing and monitoring security vulnerabilities and compliance status of our company's IT systems and cloud services by developing an automated security framework for robust deployment tools and processes, leveraging various scripting languages and appropriate solutions. Specifically, you will:
- Work closely with the development team and SRE team to identify potential security risks in the software development process and patch these weaknesses in a timely manner, and add countermeasures to prevent new threats.
- Work with our development team and SRE team to enhance security level on the existing CD/CI process.
- Support Information Security Engineers to define and implement security policies and standards related to CD/CI, SDLC, Cloud Security, Container Security areas.
- A part of the SRE team to design, deploy and deliver automation scripting and frameworks in monitoring, testing and managing security vulnerabilities in a cloud environment.
- Install, configure, and maintain security solutions deployed on operating systems, containers or cloud services.
- Support Information Security Engineers to conduct security assessment and review periodically related to privileged accounts, access rights, secure configurations, and patch management to ensure that IT systems and cloud services comply with security standards such as ISO 27001, NIST and CIS.
- Work together with Information Security engineers, SRE team and vendors to research, test and implement new security solutions.
Yêu Cầu Công Việc
- Bachelor's Degree in Computer Science or related IT field.
- At least 2 years of experience in Information security or related fields.
- Familiarity with API Security, Container Security, IaaS & PaaS Security and SDLC.
- Knowledge of ISO 27001, NIST 800-53, CIS and PCI-DSS Standards, Policies and audit processes.
- Strong skills with Infrastructure such as Code, security automation, scripting (ex: shell scripts, Python, Puppet, Ansible, etc).
- Capability to prepare security vulnerability and risk management reports for management.
- Ability to review, analyze and identify security risks to the organization's cloud services, containers, software development and CD/CI processes.
Hình thức
Quyền Lợi
- Competitive compensation package, including 13th-month salary and performance bonuses
- Comprehensive health care coverage for you and your dependents
- Generous leave policies, including annual leave, sick leave, and flexible work hours
- Convenient central district 1 office location, next to a future metro station
- Onsite lunch with multiple options, including vegetarian
- Grab for work allowance and fully equipped workstations
- Fun and engaging team building activities, sponsored sports clubs, and happy hour every Thursday
- Unlimited free coffee, tea, snacks, and fruit to keep you energized
- An opportunity to make a social impact by helping to democratize credit access in emerging markets.