DevSecOps Engineer

Who are we?Here at ADDX, we believe in a future where everybody can access financial ecosystems easily, fairly, and safely. That is why we’ve built the world’s first fully regulated platform for digital securities, licensed by the Monetary Authority of Singapore.
In 2021, we raised USD 50 million in Series A funding led by Japan Investment Corporation and Development Bank of Japan. Among other esteemed investors, we are backed by Singapore Exchange and Heliconia, a subsidiary of Temasek.
We have gone through a total re-brand and promise this to be an exciting time. An integral part of a fast-growing team enabling investments in unicorns, pre-IPO companies, and hedge funds, your role is to innovate and discover new solutions.
If you believe in a future of fair financial markets, just like we do, we’ve been waiting for you at ADDX.
Who are we looking for?
We are looking for a DevSecOps Engineer to join us! You will work with the DevOps and infrastructure teams to shape and secure the build and release systems for our platform. 

Key Responsibilities

• Review cloud deployment architectures and implement required security controls. 
• Set security best practices for cloud security. 
• Identify security vulnerabilities in the system and implement necessary solutions to remediate the vulnerabilities. 
• Identify manual processes that can be smartly automated. 
• Implement tools to shift security left and reduce the time taken to detect vulnerabilities. 
• Ensure security best practice is followed and provide solutions to improve existing infrastructure processes in the company. 
• Guide continuous integration, continuous deployment and continuous testing. 
• Setup, deploy and maintain scalable, high availability systems 
• Perform and automate deployment and security hardening of systems 
• Automate and build up scalable systems/environment using latest technologies (e.g. Kubernetes) 

Requirements

• Experience and working knowledge of SAST, DAST and SCA tools (including their strength and weakness) 
• Experience with implementing and maintaining security tools / DevSecOps processes at enterprise level 
• Proficient in managing public cloud services (AWS, Azure or GCP) 
• Ability to perform automation using Terraform/Ansible/Chef/Puppet, Docker/Kubernetes, and any one CI tools (e.g. Jenkins, Gitlab, Travis CI etc.) 
• Comfortable to code in at least one high-level programming language - JavaScript, Java, Python or Golang for scripting and automation 
• Professional or Speciality (Security) Certifications in AWS, Certifications issued by the CNCF such as CKA, CKAD or CKS or cybersecurity certifications including CISSP, CISM, CompTIA Security+ and GSEC are encouraged. 
• Experience / knowledge in blockchain, digital assets and their associated weaknesses is a plus! 

Due to our limited capacity, we regret that only shortlisted candidates will be notified.