Assistant Vice President – IT Security (Cloud and DevOps Security Engineer)
THE GREAT EASTERN LIFE ASSURANCE COMPANY LIMITED
S$8000 - S$11000
Design, build and implement security controls for Private Cloud, Container platform and DevOps pipeline.
- Evaluate, design and implement security-focused tools and services for Cloud, Container and CICD pipeline, and integrate with security operations and identity and access management solutions.
- Serves as security Subject Matter Expert (SME) for Cloud computing, container orchestration, and CI/CD pipeline. Provide guidance on security best practices to internal teams.
- Work with various teams to deploy security solutions that will enable continuous and automated enforcement of security controls, such as hardened container image; compliance assurance monitoring; and runtime protection against threats.
- Implement proactive security monitoring and alerting, and integrate with existing monitoring infrastructure, to collect actionable security alerts and automate remediation.
- Evaluate architectural designs and perform security reviews with engineering teams. Facilitate security review activities such as penetration testing, secure code reviews, and design/architecture security reviews.
- Support security incident management by performing security analysis and investigations of security incidents involving the cloud / container / CICD components.
· Takes accountability in considering business and regulatory compliance risks and takes appropriate steps to mitigate the risks.
· Maintains awareness of industry trends on regulatory compliance, emerging threats and technologies in order to understand the risk and better safeguard the company.
· Highlights any potential concerns /risks and proactively shares best risk management practices.
- Degree in Information Technology/Computing or relevant.
- Ideally 3-6 years’ experience working in one or more of the following: private/public Cloud environment, containers and enterprise CICD pipeline.
- Knowledge in information security concepts, security hardening, network protocols and application security.
- Knowledge in building end-to-end security functions in cloud with scripting languages such as Python and Yaml, and writing infrastructure-as-Code templates.
- Expertise in cloud architecture and security fundamentals including containers, software-defined networks and multi-cloud environment.
- Knowledge of cloud reference architectures and public cloud security best practices preferred. Cloud certification (e.g. ISC2, AWS, GCP) would be considered positively.
- Good understanding of DevOps processes and methodologies.
- Ability to work independently and with minimal supervision, while collaborating with various teams in IT.
- High level of integrity, takes accountability of work and good attitude over teamwork.
- Takes initiative to improve current state of things and adaptable to embrace new changes.
To all recruitment agencies: Great Eastern does not accept unsolicited agency resumes. Please do not forward resumes to our email or our employees. We will not be responsible for any fees related to unsolicited resumes.
Closing on 10 Jul 2021orview more job listings from this company