DevSecOps Engineer
- Responsibilities
- Utilise tools and write scripts to monitor and analyse vulnerabilities as well as automate solutions.
- Scan and test infrastructure ranging from APIs, load balancers, CI/CD pipelines, container orchestrators using open source tools.
- Work in Infrastructure as a Code and Configuration Management using Terraform.
- Work with Containers (Docker) and Container Orchestration (Kubernetes) using best practices to secure/harden and scan these technologies
- Work with Infrastructure and Networking teams to review processes and implement process improvements and contribute to Risk Based Assessments of ZALORA’s security program.
Requirements
- At least 5 years of working experience in cloud infrastructure and network security
- Thorough understanding of network infrastructure principles and extensive knowledge of current technological developments in the cloud security field
- Competency in vulnerability tests, patch management, anti-malware, APT, IAM
- Advanced understanding of network security tools like Nessus, nmap, Nikto, Shodan, Snort, Wireshark etc.
- Strong technical knowledge of secure engineering principle.
- Knowledge about PCI Compliance would be a strong advantage
- Nice to have - ISO ISMS Compliance knowledge
- Excellent communication skills – both verbal and written
- Strong analytical and problem-solving skills
- Ability to work collaboratively within a team