Application Security Engineer (DevSecOps)
Develab
Rekruter aktif 7h lalu
- Penuh waktu
- Hybrid • WP. Kuala Lumpur, Kuala Lumpur
- Rp30.000.000 – 60.000.000
Min. 4 years of experience
Tidak Perlu Sign Up!
Deskripsi Pekerjaan
Responsibilities:
- You will be involved with a broad set of cloud technologies, implementing requirements around security and automation of our service deployments.
- Your primary responsible is ensuring our technical designs and specifications adhere to our security standards by: initiating design and task reviews,defining detail security requirement specification in stories, regular audits to ensure deliverables adhere to the security requirements.
- You will be the bridge between software engineer team and security team to strive for a balance between deliveries and security: Assess and reproduce vulnerabilities highlighted by security team and apply mitigation measures or remediation. Present exceptional cases to security team when remediation is unavailable.
- You will evaluate and develop adequate secure software development and implement lifecycle processes to safeguard our applications throughout their life cycle.
- You also need to take responsibility to coach and develop team members about security best practices and guidelines in their role.
Kualifikasi
Qualifications:
- Bachelor’s degree in computer science, cyber security or in similar fields – Master/PhD is a bonus
- 3+ years professional experience as an Application Security Engineer or similar role
- Excellent analytical capabilities, communication skills, high commitment, self-responsibility, and customer orientation
- Experience in software development and familiar with continuous integration and tool chain (CICD).
- AWS and cloud platform as a service (PaaS) security
- Up to date of the trending vulnerabilities, threat, mitigation, and remediation.
- Team player with hands-on mentality and able to set priorities to craft a direction
- Experience in working within agile teams, and comfortable with continuous delivery.
Must Have Technical Skills:
- Strong conceptual knowledge on Microservices and application security.
- Up to date with trending threats and vulnerabilities.
- Experience in handling SAST, DAST and penetration testing results.
- Experience in application vulnerability assessment and tooling – Veracode preferred.
- Experience in application vulnerability management processes and secure application life cycle management processes.
- Proven hands-on experience with vulnerability remediation and mitigation.
- Proven hands-on experience with VCS and build tools – Git, Maven, Gradle, NPM.
- Proven hands-on experience with CI/CD – GitLab preferred.
- Development experience in any programming language – Java, NodeJs preferred.
- Experience in any cloud service provider – AWS preferred.
Good To Have Technical Skills:
- Experience in security monitoring and alerts – Datadog preferred.
- Experience in threat modelling process.
- Experience in orchestration and automation technologies – CloudFormation, Terraform, Ansible.
- Experience on database security.
- Experience with cloud/system monitoring tools – CloudNative, ELK, Datadog, etc.
- Experience in event driven architecture, GraphQL.
- Experience with Frameworks – Springboot, Angular, etc.
Must Have Soft Skills:
- Good command of English
- Ability to work independently with minimal supervision.
- Ability and willingness to pick up new technical knowledge with minimal guidance.
- Team player.
💙
Tips Menjaga Diri
Perusahaan dan Lowongan di Dealls tidak meminta data pribadi, informasi rekening, atau pungutan ketika melamar. Hindari juga lowongan Google Form / Grup Telegram tanpa keabsahan yang jelas.
Tentang Develab
SelengkapnyaTechnology Partner with Software Engineering Capabilities in mobile & web application development to complete software packages
Industri
Internet Publishing
Lokasi
Indonesia, Indonesia
Ukuran Perusahaan
1–50 employees
