DevOps Security Engineer
We are seeking a skilled DevOps Security Engineer to enhance the security posture of our cloud infrastructure and CI/CD pipelines. The ideal candidate will work closely with the DevOps, Security, and Engineering teams to implement security best practices, automate security processes, and ensure compliance with industry standards. This role is critical in securing our applications, networks, and cloud environments while enabling efficient and secure software delivery.
Key Responsibilities:
- Design, implement, and maintain security solutions for cloud-based infrastructure (Aliyun, AWS, Azure, GCP).
- Integrate security best practices into CI/CD pipelines to enable secure software deployments.
- Automate security processes, vulnerability management, and threat detection.
- Conduct security assessments, code reviews, and penetration testing to identify and mitigate risks.
- Monitor system security, respond to incidents, and implement remediation plans.
- Collaborate with DevOps and Engineering teams to ensure security is embedded into the development lifecycle.
- Develop and enforce security policies, standards, and guidelines in compliance with industry regulations (ISO 27001, SOC2, GDPR).
- Stay up to date with emerging security threats, tools, and best practices.
Requirements:
- Bachelor's degree in Computer Science, Cybersecurity, or related field.
- 3+ years of experience in Application Security, Infrastructure Security or Devsecops
- Strong knowledge of cloud platform Aliyun and others (AWS, Azure, or GCP) and security configurations.
- Experience with application security, infrastructure security and encryption methodologies.
- Excellent problem-solving skills, communication skills and ability to work in a fast-paced environment.
