DevSecOps Engineer

Get to know our Team:

The DevSecOps team is responsible for building secure infrastructure and continuous security pipelines . We design security solutions which are easy to use and effective in the long run, monitor threats and vulnerabilities and provide several levels of protections to our complete infrastructure. Our team is passionate about the details and we work very closely with a wide range of stakeholders.

Get to know the Role:

·         Design and implement security best practices across all Grab infrastructure at different layers of OSI.

·         Identify and remediate security gaps using industry best practices and automated solutions that are built in-house.

·         Provide advice on security best practices, and guide teams in developing, adopting and enforcing security standards within the organization.

·         Go beyond compliance to implement the latest security tools and techniques that improve the security posture of the organization.- Perform periodic reviews of systems in order to prohibit unauthorized use, prevent loss of critical information, and maintain security all across the scope.

·         Build out Compliance automation by developing in-house tools as well as evaluating and deploying third party products by doing PoCs. 

·         Participate in external and internal audits and bring them to successful completion.

The day-to-day activities:

·         Identify security loopholes using multiple tools and frameworks either developed in-house or using the best ones in the market on the systems and provide permanent solutions.    

·         Identify processes that are redundant and automate them  

·         Ensure security best practices are followed at every level and provide solutions to improve existing processes.    

·         Be involved in the design and subsequent implementation of software and service infrastructure    

·         Mentor other engineers, define our technical culture, and help build a fast-growing team

The must haves:

·         5+ years of experience in designing and implementing security systems.  

·         Experienced with any of the cloud technologies AWS & Azure. Awareness on Data Center virtualisation solutions would be a good addition

·         Experienced in DevOps Concepts including:

o    Containers

o    Kubernetes ( Managed and Standalone clusters)

o    CI-CD Solutions

o    Version Control Systems eg. gitlab, bitbucket etc

o    Build and Maintain  monitoring tools like Elasticstack, Prometheus etc.

·         Strong skills in at least one or more scripting language; Python, Go, or Shell- Passionate about security, enjoy challenges and maintain up-to-date knowledge of available and emerging security threats and various security technologies.

·         Strong understanding of *nix and Network security in depth. Must have *nix flavours are:

o    Ubuntu

o    CentoOS

o    CoreOS

·         Strong foundation and in-depth technical knowledge of security engineering, authentication and security protocols and applied cryptography.

·         Strong interpersonal skills with the ability to communicate and work effectively across the organization.

Nice to Have:  

·         Basic/Good understanding of Web Application Firewall as a technology

·         Experienced in implementing and managing HIDS/NIDS, FIM, SIEM solutions.  

·         Experienced with directory services and single-sign-on solutions.   

·         Experienced with vulnerability management, patching automation and understanding of VA/PT techniques    

·         Knowledge of information security standards like ISO 27001:2013, PCI-DSS will be an added advantage