DevSecOps Engineer

Hegka Vietnam

  • Ho Chi Minh City
  • Permanent
  • Full-time
  • 1 month ago
  • Apply easily
Key Responsibilities
  • CI/CD Pipeline Management: Build and manage CI/CD pipelines to ensure automation, security, and scalability across all stages of the development lifecycle.
  • Infrastructure & Security: Design and implement secure infrastructure solutions leveraging cloud services, containerization, and orchestration tools (e.g., Kubernetes, Docker).
  • Code Security: Conduct regular code reviews and static/dynamic analysis to identify and remediate security vulnerabilities.
  • Monitoring and Incident Response: Implement continuous monitoring for issues or threats and respond to incidents promptly and effectively.
  • Compliance and Best Practices: Ensure compliance with industry standards and best practices, including GDPR, ISO, PCI-DSS, and others.
  • Collaboration: Work with development, operations, and security teams to foster a culture of automation and security-first thinking.
  • Mentorship: Mentor junior engineers and team members on security best practices.
  • Documentation: Maintain thorough and up-to-date documentation of security policies, procedures, and incident reports.
  • Rapid Prototyping: Utilize rapid prototyping techniques to accelerate time-to-market for customers.
  • Trend Scouting: Stay updated with the latest trends in technology and AI to integrate innovative solutions into processes.
Qualifications
  • Education: Bachelors degree in Computer Science, Information Technology, or a similar discipline.
  • Experience: Over 3 years in DevOps/DevSecOps positions, emphasizing security.
  • Technical Expertise:
  • Skilled in cloud environments (AWS, Azure, or GCP) and their protective features.
  • Proficient with CI/CD systems (Azure Pipeline, Jenkins, ArgoCD, GitLab CI).
  • Experienced in Infrastructure-as-Code tools (Terraform, Terragrunt, Helm) and aware of GitOps principles.
  • Adept at container management and orchestration (Docker, Kubernetes).
  • Knowledgeable about security utilities (SIEM, SonarQube, OWASP ZAP, Trivy).
  • Competent in scripting languages (Python, Bash, PowerShell).
  • Understanding of network defenses, firewalls, VPNs, and IDS/IPS.
  • Solid grasp of SQL/NoSQL databases (PostgreSQL, MongoDB, etc.).
  • Familiarity with AI and machine learning concepts to bolster security and automate threat identification.
  • Interpersonal Skills:
  • Forward-thinking and problem-solving attitude.
  • Creative and business-savvy perspective.
  • Capacity to excel both collaboratively and independently.
  • Resilience in a high-speed, demanding setting.
  • Sound judgment and decision-making.
  • Outstanding dedication to work quality.

Hegka Vietnam