DevSecOps Engineer

Job description:

Expected DevSecOps Engineer Profile :

Excellent academic results, bachelor s degree in IT (CGPA: 3.0 or similar grading is a must)

Minimum 5 years of experience working in AWS Cloud Services such as AWS Organization, EC2, RDS, S3, AWS Backup etc.

Min 3 years experience in :

o Operation and security automation

o Infra As Code, e.g. Terraform

o Programming using scripting languages, e.g. JavaScripts, Bash, Python and Shell scripting

o DevOps Tools, e.g. GITLab, AWS CodeDeploy etc

o Cloud Security & Compliance

o Kubernetes or other container technology

o RDBMS (Oracle, SQL Server, MongoDB or Postgressql)

Experience in either one of the working environment:

o Collaboration with multiple teams

o Matrix reporting structure

o Multinational Company

Strong understanding in the followings:

o Software Development Lifecycle

o Security Concepts of integrity, confidentiality and availability

o Best Security Practices and principles

o DevOps Principles, including CI/CD, Automation & Collaboration

Passionate in :

o Acquiring new knowledge

o Continuous improvement in development, security & operation processes and practices

SoftSkill :

o Good in English (verbally and written)

o Able to communicate effectively both one-on-one and with teams in business and in IT

o A good team player and ability to work as a team, shares knowledge and bring the team forward

o Strong listening skills to understand. Shows empathy by seeking to understand and identify the real needs of business stakeholders and developers

o Able to address conflict by promoting constructive discussion and getting cooperation

Expected DevSecOps Responsibility :

Working in DevSecOps Engineer team in performing the followings :

Implement and operate AWS Cloud Platform Engineering Foundational Services such as account management, cost management, networking, and access control.

Configure and manage AWS services like AWS Organizations, VPC, CloudFormation, Security Hub, Config, GuardDuty etc.

Provide visibility into end-to-end operational and monitoring metrics to the product teams, to get to you build it, you run it model.

Build AWS resources using Infrastructure as code using Terraforming

Work with vendors, users and product teams to continuously improve the delivery of AWS cloud-based services.

Establish and adhere to appropriate governance and security control.

Establish technical requirements to meet functional and business SLAs.

Establish and document technical requirements according to policies into format that business users can understand; document issue resolution and technical run books.

Develop DevSecOps culture within the team by building, testing, packaging, releasing and deploying infrastructure as code.

Automating security checks in the CI/CD pipeline.

Conducting vulnerability assessments on software and infrastructure.

Developing and implementing security policies and procedures.

Responding to security incidents and coordinating with other teams to remediate issues.

Monitoring security dashboards and alerts to identify potential threats.

Automating deployment pipelines with security features.

Using cloud infrastructure security tools to secure public cloud environment