DevSecOps Engineer

Location: Ho Chi Minh City,Ho Chi Minh City,Vietnam

As a DevSecOps Engineer at TrustingSocial, you will play a crucial role in implementing and operating security tools and standards across our infrastructure. Your responsibilities will extend to managing core infrastructures, executing continuous integration and deployment pipelines, and operating a variety of security stacks. DevSecOps team's role is essential in maintaining a proactive security culture and reducing the risk of security incidents while ensuring the smooth operation of development and operational activities. This role requires a high level of technical expertise, familiarity with security best practices, and standards compliance.

Responsibilities

• Security Integration: Deploy and operate various security applications, and security solutions such as WAF, PAM, Cloud Workload Security, GitHub Action, GitHub Advanced Security, GCP Security Command Center, Azure Sentinel, and AWS Security Stack
• Vulnerability Management: Conduct regular vulnerability assessments and manage patching of CVEs (Common Vulnerabilities and Exposures)
• Infrastructure Sharing and CI/CD: Manage central infrastructure sharing systems and establish continuous integration/continuous deployment & security protocols
• Identity and Access Management (IAM): Develop and manage IAM roles using Terraform to control user access, assign permissions, and audit system users effectively
• Security Log & Monitoring such as SIEM: Streamline logs and build a robust, centralized SIEM log system, sending alerts across various SOC channels
• Cloud System Management: Manage multi-cloud accounts on Google Cloud, AWS, and Azure using Privileged Identity Management (PIM) solutions
• Security Standardization: Drive standardization of security domains for the DevSecOps team and ensure adherence to security best practices and regulations, including ISO 27001 and PCI DSS standards
• Automated Tools Development: Develop automated tools for gathering billing data and assessing cloud and on-premise assets
• Regular Scanning and Reporting: Conduct regular security scans and send weekly and monthly reports to the GRC teams for ticketing and issue resolution
• Incident Response: Participate in the incident response team, ready to swiftly address and mitigate any security incidents
• Collaboration: Collaborate with other teams, ensuring security measures are integrated into their workflows and addressing any security-related issues

Requirements

• Degree: A minimum of a Bachelor's degree in Information Technology, Computer Engineering, Cybersecurity, or a related field
• Experience: At least 1–2 years of experience working in related fields, such as software development, systems management, or network security
• Programming Skills: Proficiency in at least one programming language such as Python, Ruby, Java, or Go
• Understanding of DevOps and related tools: Knowledge of DevOps tools and methodologies like CI/CD, Jenkins, Docker, Kubernetes, etc
• Communication Skills: Ability to communicate effectively, work in a team, and solve problems
• Proficiency with security tools like WAF Cloudflare, Teleports, Datadog Cloud Workload Security, GitHub, GitHub Advanced Security, GCP Security Command Center, Azure Sentinel, and AWS Security Stack
• Familiarity with cloud platforms such as Google Cloud, AWS, and Azure, and PIM, Terraform Automation solutions
• Knowledge of security central management and SIEM systems
• Strong written and verbal communication skills in English
• Preferred Qualifications:
  • Experience in a similar DevSecOps role, preferably in a large-scale environment
  • Experience with incident response and handling security incidents
  • Thorough understanding and experience with ISO 27001 and PCI DSS standards
  • Experience in developing automated tools for data collection and asset assessment
  • Proven experience in conducting security scans and creating comprehensive reports

What we offer

• Competitive compensation package, including 13th-month salary and performance bonuses
• Comprehensive health care coverage for you and your dependents
• Generous leave policies, including annual leave, sick leave, and flexible work hours
• Convenient central district 1 office location, next to a future metro station
• Onsite lunch with multiple options, including vegetarian
• Grab for work allowance and fully equipped workstations
• Fun and engaging team building activities, sponsored sports clubs, and happy hour every Thursday
• Unlimited free coffee, tea, snacks, and fruit to keep you energized
• An opportunity to make a social impact by helping to democratize credit access in emerging markets

About us

We are an AI Fintech company specializing in assessing credit profiles of consumers in emerging markets combining pioneering AI with large alternative data sources. In 2020 we reached our ambitious milestone of credit profiling 1bn consumers spanning 4 countries - Vietnam, Indonesia, India & the Philippines - and building a platform for the wider industry and the financial services industry in particular to provide the 'un & under' served access to credit. At the core of this initiative has been our strict and unwavering adherence to the norms of consumer data privacy and consumer data rights.

But we're not satisfied as we embark on the next leg of our journey to deliver 100 million credit lines to consumers in the markets where we operate. Although this goal is ambitious, we truly believe that by harnessing the power of AI & Big Data we can deliver financial access at unprecedented scale.

As a firm, we're audacious problem solvers motivated by our impact on society. We deeply espouse the values of ownership - of our actions and initiatives, integrity in all we do and agility in execution.

We place great importance on doing what is right, what is best and what is innovative. And we are seeking people to champion these values and beliefs as we grow. If you are smart, driven and want to make a difference in the world with the most advanced and fascinating technology, come join our team. We can satisfy your desire to explore new territory and give you the runway to really make an impact. 

Additional Info

Learn more about us here:
https://www.youtube.com/watch?v=inAEDGvOcL8&t=29s