Expoint - all jobs in one place

Finding the best job has never been easier

Limitless High-tech career opportunities - Expoint

Informatica DevOps Security Engineer 
Singapore, Singapore 
835852998

27.08.2024
  • Your Role Responsibilities? Here's What You'll Do:
    • Develop security controls across cloud platforms (AWS, Azure, GCP) to enhance the security posture of our infrastructure.
    • Perform cloud-specific penetration testing to identify vulnerabilities, misconfigurations, and insecure APIs, followed by remediation.
    • Maintain automation scripts to improve cloud security processes, vulnerability scanning, and monitoring using tools like Python, Bash, or PowerShell.
    • Collaborate with DevOps and infrastructure teams to ensure the secure deployment of services using container technologies like Docker and Kubernetes.
    • Security incident response by analysing cloud-based security incidents and breaches.
    • Manage cloud security monitoring tools, SIEM solutions (e.g., ELK SIEM, splunkl), and provide real-time threat detection and incident response capabilities.
    • Ensure compliance with security standards and regulations (GDPR, HIPAA, NIST) within cloud environments.
    • Review and enhance security policies, IAM roles, and permissions to prevent unauthorized access and data breaches.
    • Participate in security audits, vulnerability assessments, and risk analysis to ensure understanding of industry best practices.
    What We'd Like to See:
    • Technical Expertise: Strong experience with cloud platforms (AWS, Azure, Google Cloud), particularly in security services like AWS IAM, Security Groups, VPC, and Azure Key Vault.
    • Penetration Testing: Hands-on experience with cloud-specific pentesting tools (Prowler, ScoutSuite) and general security tools like Burp Suite, Metasploit, or Nessus.
    • Automation Proficiency: Advanced scripting skills (Python, Bash, PowerShell) to develop automation for security monitoring, testing, and incident handling workflows.
    • Container Security: Proficiency in securing containerized environments (Docker, Kubernetes) and managing cloud-native security solutions.
    • Incident Response: Experience with digital forensics, incident handling, and response in cloud environments, using logs (AWS CloudTrail, Azure Monitor) to trace and reduce incidents.
    • Compliance & Frameworks: Familiarity with security frameworks (CIS, NIST, ISO 27001) and experience implementing compliance measures in cloud-based infrastructures.
    • : complex security issues to all partners, ensuring clarity and applicable insights.
    • Certifications (Preferred): AWS Certified Security – Specialty, Offensive Security Certified Professional (OSCP), GIAC Certified Incident Handler (GCIH), or other relevant security certifications.
    Your Responsibilities as a DevOps Security Engineer:
    • Collaborate closely with development, operations, and security teams to integrate security measures into the entire software development lifecycle (SDLC).
    • Automate security testing processes, such as Continuous Integration/Continuous Deployment (CI/CD) pipeline security checks, to identify vulnerabilities early in development.
    • Develop security playbooks and incident response plans tailored to cloud environments to ensure rapid response to security incidents.
    • Monitor cloud environments for vulnerabilities and potential threats using advanced security tools, ensuring proactive defence.
    • Could you provide mentorship to junior team members and guidance on cloud security best practices to promote a culture of security-first thinking?
    • Research and stay up-to-date with the latest cloud security threats, technologies, and best practices to ensure we remain to latest threats.
    • Participate in post-incident reviews and root cause analysis to improve response strategies and reduce future risks.