Role description:
● Collaborate with development, operations, and security teams to integrate security into the CI/CD pipeline, ensuring that security is embedded at every stage of the software development lifecycle.
● Design, implement, and maintain security automation tools and processes to identify, manage, and remediate vulnerabilities in the development and production environments.
● Develop and enforce security policies, standards, and best practices for cloud-based and on-premises infrastructure.
● Monitor and analyze security vulnerabilities and incidents, providing timely and effective remediation.
● Perform regular security assessments, including code reviews, vulnerability scans, and penetration tests, to ensure the security of applications and infrastructure.
● Implement and manage security tools such as firewalls, intrusion detection/prevention systems, and endpoint protection.
● Work with development teams to ensure secure coding practices and compliance with security standards.
● Lead efforts to secure Kubernetes clusters and containerized environments.
● Manage infrastructure as code (IaC) using tools like Terraform, OpenTofu, or CloudFormation to ensure secure and scalable deployments.
● Automate security tasks and processes using Python and shell scripting.
● Stay up-to-date with the latest security threats, technologies, and industry trends, and apply this knowledge to enhance the security posture of the organization.
● Participate in incident response and disaster recovery planning and execution.
● Minimum of 8 years of experience in DevSecOps, security engineering, or a related field, with a strong focus on security.
● Prior experience building a security program in China, and an understanding of which security vendors can effectively be used in China.
● Experience with AWS or deep fluency in one of GCP or Azure, with a strong desire to expand knowledge into AWS.
● Proficiency with CI/CD tools such as GitHub Actions, Jenkins, GitLab CI, or CircleCI, and experience in integrating security tools into these pipelines.
● Hands-on experience with Kubernetes, including securing and managing clusters in production environments.
● Proficiency with infrastructure as code (IaC) tools such as Terraform, OpenTofu, or CloudFormation.
● Strong programming skills in Python and shell scripting for automation and security tasks.
● Knowledge of security best practices, including secure coding, encryption, authentication, and access control.
● Excellent problem-solving skills, with the ability to troubleshoot complex security issues.
● Strong communication skills, with the ability to convey technical security information to non-technical stakeholders.
● Fluent in English.
Preferred Qualifications:
● Experience in security architecture and designing secure systems.
● Knowledge of JavaScript and securing JavaScript-based applications.
● Relevant certifications such as CISSP, Security+, or AWS Certified Security – Specialty.
● Experience with automating security in a microservices architecture.
● Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field (or equivalent work experience).