The point where experts and best companies meet
Informatica DevOps Security Engineer Singapore, Singapore 835852998
27.08.2024
Share
- Your Role Responsibilities? Here's What You'll Do:
- Develop security controls across cloud platforms (AWS, Azure, GCP) to enhance the security posture of our infrastructure.
- Perform cloud-specific penetration testing to identify vulnerabilities, misconfigurations, and insecure APIs, followed by remediation.
- Maintain automation scripts to improve cloud security processes, vulnerability scanning, and monitoring using tools like Python, Bash, or PowerShell.
- Collaborate with DevOps and infrastructure teams to ensure the secure deployment of services using container technologies like Docker and Kubernetes.
- Security incident response by analysing cloud-based security incidents and breaches.
- Manage cloud security monitoring tools, SIEM solutions (e.g., ELK SIEM, splunkl), and provide real-time threat detection and incident response capabilities.
- Ensure compliance with security standards and regulations (GDPR, HIPAA, NIST) within cloud environments.
- Review and enhance security policies, IAM roles, and permissions to prevent unauthorized access and data breaches.
- Participate in security audits, vulnerability assessments, and risk analysis to ensure understanding of industry best practices.
- Technical Expertise: Strong experience with cloud platforms (AWS, Azure, Google Cloud), particularly in security services like AWS IAM, Security Groups, VPC, and Azure Key Vault.
- Penetration Testing: Hands-on experience with cloud-specific pentesting tools (Prowler, ScoutSuite) and general security tools like Burp Suite, Metasploit, or Nessus.
- Automation Proficiency: Advanced scripting skills (Python, Bash, PowerShell) to develop automation for security monitoring, testing, and incident handling workflows.
- Container Security: Proficiency in securing containerized environments (Docker, Kubernetes) and managing cloud-native security solutions.
- Incident Response: Experience with digital forensics, incident handling, and response in cloud environments, using logs (AWS CloudTrail, Azure Monitor) to trace and reduce incidents.
- Compliance & Frameworks: Familiarity with security frameworks (CIS, NIST, ISO 27001) and experience implementing compliance measures in cloud-based infrastructures.
- : complex security issues to all partners, ensuring clarity and applicable insights.
- Certifications (Preferred): AWS Certified Security – Specialty, Offensive Security Certified Professional (OSCP), GIAC Certified Incident Handler (GCIH), or other relevant security certifications.
- Collaborate closely with development, operations, and security teams to integrate security measures into the entire software development lifecycle (SDLC).
- Automate security testing processes, such as Continuous Integration/Continuous Deployment (CI/CD) pipeline security checks, to identify vulnerabilities early in development.
- Develop security playbooks and incident response plans tailored to cloud environments to ensure rapid response to security incidents.
- Monitor cloud environments for vulnerabilities and potential threats using advanced security tools, ensuring proactive defence.
- Could you provide mentorship to junior team members and guidance on cloud security best practices to promote a culture of security-first thinking?
- Research and stay up-to-date with the latest cloud security threats, technologies, and best practices to ensure we remain to latest threats.
- Participate in post-incident reviews and root cause analysis to improve response strategies and reduce future risks.
These jobs might be a good fit
