ROLE SUMMARY
Our client is looking for a DevSecOps Engineer, internally known as Cloud Security Engineer to join their rapidly growing company and Cybersecurity team. The role will be responsible for implementing security best practices for development and cloud infrastructure (specifically for AWS).
SCHEDULE: 9:00 AM 6:00 PM Eastern Daylight Time (9:00 PM 6:00 AM Philippine Standard Time), follows Philippine holidays
POSITION TYPE: Full Time
WORK ARRANGEMENT: Remote
ESSENTIAL FUNCTIONS:
- Act as the primary Point of Contact (POC) and the first line of defense for security
- issues including alerts, incident response, and investigations
- Maintain a secure cloud architecture and evangelize security best practices within the enterprise that comply with the SOC II policies and procedures under the guidance of the VP of Information Security
- Handle vulnerability management program and prioritization efforts with the Product and Engineering teams
- Create and deploy security tooling and infrastructure within their AWS accounts, using Terraform, and utilize various AWS services, including EKS, EC2, S3, and IAM
- Develop and implement customized automation and security-driven tools
QUALIFICATIONS:
- A Bachelor's degree in technical or quantitative science) or equivalent work experience with evidence of proficiency and achievement in virtual infrastructure management
- Any AWS certification or relevant security certifications is preferred
- 5+ years experience in cloud computing, security operations, configuration
- management (Ansible and Terraform) or related field
- Expertise in general network infrastructure and security, specifically ports,
- protocols, services, and how they impact security
- Familiarity with modern security concepts such as defense in depth, zero trust architecture, and other related security strategies
- Expertise in AWS security management, best practices, and tools (IAM,
- Guardrails, SPCs, GuardDuty, SecurityHub, WAF, SSO, etc.)
- High level of proficiency in common security tools (Splunk, SonarQube, Tenable, CrowdStrike, etc.).
- High level of proficiency in Linux system administration and security
- High level of proficiency with containerization technologies, especially Kubernetes
- Proficient in a scripting language such as Python and bash.
- Proficient with code versioning tools (Git and SVN)
- Excellent oral and written communication skills
