DecSecOps Engineer

Công ty CP Công nghệ Finviet

- Provide security techniques and expertise to ensure the infrastructure and software services meet specific customer security requirements/certifications

- Collaborate with members of the team and product owners to solve operational issues and develop enhancements such as automation.

- Ensure applications stay compliant by integrating application and DevSecOps processes and CI/CD pipelines from early stages of the lifecycle.

- Collaborate with team members on continuous improvement to both the Security DevOps pipelines and processes, and to the Information Security tools, services, and processes.

- Understand technical and business requirements to develop tactical and strategic roadmaps to address and implement Secure SDLC controls (Data Privacy, SAST, DAST, etc).

REQUIREMENTS

- Bachelor Degree in information security, computer science.

- Experience working in an Agile, DevOps/SecDevOps environment.

- Experience working in a Security role handling on premise and cloud infrastructures.

- Experience with security testing at scale by building and implementing static and dynamic analysis tools, integrating security into CI/CD workflows for everyday deployments.

- Experience with Authentication and Authorization solutions.

- Experience with static code analysis for software or infrastructure as code, including SonarQube,Terraform.

- Experience with vulnerability scanners, including Tenable Nessus, Qualys, ...

- Understanding of secure software development practices - AppSec - Security and/or regulatory experience desired, OWASP 10 and Web Application Security, Mobile Application Security, API Security.

- Good knowledge of threat modeling, risk assessment techniques, code reviews, and with the latest security best practices

- Require good knowledge of CI/CD tools

- Require good knowledge in automatic configuration management tool

- Good knowledge of containers and orchestration platforms. Need to know how to create, build, deploy and manage containers in development and production environments

- Experience in developing integration APIs and WebServices (REST/SOAP), API Development

• Lunch allowance and parking free
• 13th month salary, project bonus, gifts (New Year, birthday, 8/3, 20/10..)
• Team building, company trip
• Insurance after 2 months of probation, PVI insurance for some levels
• Annual health check-up
• Training in work and fast-track your career path
• Working in a friendly and professional environment