Devsecops Engineer

Expected DevSecOps Engineer Profile :
· Excellent academic results, bachelor’s degree in IT (CGPA: 3.0 or similar grading is a must)
· Minimum 5 years of experience working in AWS Cloud Services such as AWS Organization, EC2, RDS, S3, AWS Backup etc.
· Min 3 years’ experience in :
o Operation and security automation
o Infra As Code, e.g. Terraform
o Programming using scripting languages, e.g. JavaScripts, Bash, Python and Shell scripting
o DevOps Tools, e.g. GITLab, AWS CodeDeploy etc
o Cloud Security & Compliance
o Kubernetes or other container technology
o RDBMS (Oracle, SQL Server, MongoDB or Postgressql)
· Experience in either one of the working environment:
o Collaboration with multiple teams
o Matrix reporting structure
o Multinational Company

· Strong understanding in the followings:
o Software Development Lifecycle
o Security Concepts of integrity, confidentiality and availability
o Best Security Practices and principles
o DevOps Principles, including CI/CD, Automation & Collaboration
· Passionate in :
o Acquiring new knowledge
o Continuous improvement in development, security & operation processes and practices
· SoftSkill :
o Good in English (verbally and written)
o Able to communicate effectively both one-on-one and with teams in business and in IT
o A good team player and ability to work as a team, shares knowledge and bring the team forward
o Strong listening skills to understand. Shows empathy by seeking to understand and identify the real needs of business stakeholders and developers
o Able to address conflict by promoting constructive discussion and getting cooperation

Expected DevSecOps Responsibility :
Working in DevSecOps Engineer team in performing the followings :
· Implement and operate AWS Cloud Platform Engineering Foundational Services such as account management, cost management, networking, and access control.
· Configure and manage AWS services like AWS Organizations, VPC, CloudFormation, Security Hub, Config, GuardDuty etc.
· Provide visibility into end-to-end operational and monitoring metrics to the product teams, to get to “you build it, you run it” model.
· Build AWS resources using Infrastructure as code using Terraforming
· Work with vendors, users and product teams to continuously improve the delivery of AWS cloud-based services.
· Establish and adhere to appropriate governance and security control.
· Establish technical requirements to meet functional and business SLAs.
· Establish and document technical requirements according to policies into format that business users can understand; document issue resolution and technical run books.
· Develop DevSecOps culture within the team by building, testing, packaging, releasing and deploying infrastructure as code.
· Automating security checks in the CI/CD pipeline.
· Conducting vulnerability assessments on software and infrastructure.
· Developing and implementing security policies and procedures.
· Responding to security incidents and coordinating with other teams to remediate issues.
· Monitoring security dashboards and alerts to identify potential threats.
· Automating deployment pipelines with security features.
· Using cloud infrastructure security tools to secure public cloud environment