Assistant Vice President – IT Security (Cloud and DevOps Security Engineer)

  • Job category
  • Job level
  • Contract type
  • Location
  • Salary
    S$8000 - S$11000

Job Description

Job Purpose

Design, build and implement security controls for Private Cloud, Container platform and DevOps pipeline.

The Job

  • Evaluate, design and implement security-focused      tools and services for Cloud, Container and CICD pipeline, and integrate      with security operations and identity and access management solutions.
  • Serves as security Subject Matter Expert      (SME) for Cloud computing, container orchestration, and CI/CD pipeline. Provide      guidance on security best practices to internal teams.
  • Work with various teams to deploy security      solutions that will enable continuous and automated enforcement of      security controls, such as hardened container image; compliance assurance monitoring;      and runtime protection against threats.
  • Implement proactive security monitoring      and alerting, and integrate with existing monitoring infrastructure, to      collect actionable security alerts and automate remediation.
  • Evaluate      architectural designs and perform security reviews with engineering teams.      Facilitate security review activities such as penetration testing, secure code      reviews, and design/architecture security reviews.
  • Support security incident management by      performing security analysis and investigations of security incidents      involving the cloud / container / CICD components.

· Takes accountability in considering business and regulatory compliance risks and takes appropriate steps to mitigate the risks.

· Maintains awareness of industry trends on regulatory compliance, emerging threats and technologies in order to understand the risk and better safeguard the company.

· Highlights any potential concerns /risks and proactively shares best risk management practices.

Our Requirements

  • Degree in Information      Technology/Computing or relevant.
  • Ideally 3-6 years’ experience working in      one or more of the following: private/public Cloud environment, containers      and enterprise CICD pipeline.
  • Knowledge in information security      concepts, security hardening, network protocols and application security.
  • Knowledge in building end-to-end      security functions in cloud with scripting languages such as Python and      Yaml, and writing infrastructure-as-Code templates.
  • Expertise in cloud architecture and      security fundamentals including containers, software-defined networks and      multi-cloud environment.
  • Knowledge of cloud reference      architectures and public cloud security best practices preferred. Cloud      certification (e.g. ISC2, AWS, GCP) would be considered positively.
  • Good understanding of DevOps processes      and methodologies.
  • Ability to work independently and with      minimal supervision, while collaborating with various teams in IT.
  • High level of integrity, takes      accountability of work and good attitude over teamwork.
  • Takes initiative to improve current      state of things and adaptable to embrace new changes.

To all recruitment agencies: Great Eastern does not accept unsolicited agency resumes. Please do not forward resumes to our email or our employees. We will not be responsible for any fees related to unsolicited resumes.

Closing on 10 Jul 2021

orview more job listings from this company