Work Location: Philippines
Work Experience: 5+ Yrs
Job Type: Full-Time
Job Summary:
The primary role will be to merge development, security, and operations elements to improve end-to-end system security. You will be responsible for creating and implementing systems that are optimized for scalability, functionality, and security, enhancing the security posture of our development and production environments, and working collaboratively with development and operations teams
Specific Duties & Responsibilities:
- Collaborate with Software Engineers: Work with software engineers to identify critical areas for security implementation in the development process.
- Design and Implement Secure Practices: Develop, test, and implement secure software development practices and standards.
- Automate Security Controls: Automate security controls, data protection, and vulnerability management systems in deployment pipelines.
- Continuous Monitoring: Monitor the security of applications and infrastructure to identify potential vulnerabilities and coordinate remediation efforts.
- Incident Response: Participate in incident response and forensic analysis of cybersecurity events.
- Security Assessments: Conduct regular security assessments, audits, and compliance checks.
- Training and Awareness: Provide training and awareness to development and operations teams on secure coding practices and threat mitigation.
- Documentation: Document and communicate security procedures, policies, and how they align with the company’s business processes.
- Stay Updated: Keep abreast of new security technologies and integrate them into the security architecture design where applicable.
Qualifications:
- Educational Background: Bachelor’s degree in engineering, computer science, or a related field.
- Experience: 5+ years of related job experience.
- Technical Expertise: Proficiency in DevSecOps toolkits such as Ansible, Jenkins, Artifactory, Jira, Black Duck, Terraform, Git/Version Control Software.
- Security Frameworks: Familiarity with information security frameworks and standards.
- DevOps Automation: Knowledge of DevOps automation tools like Terraform, GitHub, and GitHub Actions.
- Security Services: Experience with security services like Prisma Cloud, SIEM, SOC, Nessus, CrowdStrike.
- Problem-Solving Skills: Strong analytical and problem-solving skills.
- Communication Skills: Excellent verbal and written communication skills.
- Team Collaboration: Ability to work collaboratively in a team environment.
- Adaptability: Ability to adapt to new technologies and learn quickly
Languages:
- SQL (Optional)
- Bash, Perl, PowerShell, Ruby and Python (Optional)
Tools and Services:
- CI/CD Pipelines
- Kubernetes / Docker
- Cloud Services (Optional)
- Git or SVN (Optional)
- Terraform (Optional