DevSecOps Engineer

Work should be challenging.

Your work should challenge the status quo.

You should be defining the future, not being dependent on it.

You don’t like it safe, and prefer to swim in the deep end, while figuring things out.

You want to be an avant-garde.

If this resonates with you, then you’ll fit right in here at Propine.

Propine is re-inventing capital markets using blockchain technology. We’ve worked with Monetary Authority of Singapore (MAS), to become the first licensed custodian for digital assets in the world.

This role requires you to have a ‘do-whatever-it-takes’ mindset and learn to operate just outside the limit of your comfort zone. If this excites you, but also makes you a bit nervous, then you might be the right fit.

Job description:
You will partner closely with the leadership team and work directly with the Director of Information Security and the Engineering Team. You will communicate and collaborate across the organization to:

• Work closely with product and platform teams to engineer and implement cloud security controls with a focus on DevSecOps
• Implement a tool driven and highly automated approach to deliver key security management processes by maximizing use of existing toolsets.
• Develop procedures to automate security tasks which seamlessly integrate into code builds and deployments.
• Assist and train team members in the use of cloud security tools and the resolution of security issues.
• Lead AWS /Azure Cloud DevSecOps engineering integrations with SIEM and analytic platform and enable action-based events and triggers.
• Deploy compliance and vulnerability management solutions for large-scale cloud environments using container and microservice technologies.
• Develop & deploy automated solutions to secure cloud development and delivery processes.
• Develop and maintain documentation for security systems and procedures.
• Stay current on security industry trends.
• Participates in an on-call rotation for 24x7 support of security operations.
• Other duties as assigned.

Requirements for this role
• A degree in Computer Science, Software Engineering, Cyber Security or related fields
• Minimum 5 years of experience in software engineering
• Minimum 3 years of experience in a cybersecurity engineer role
• Fluent and written English is a must.
• Ability to understand business requirements and translate them into technical solutions.
• Possess excellent communication, sharp analytical abilities with proven design skills, able to think critically of the current system in terms of growth and stability.
• Experience with modern web technologies and AWS stack
• Experience with cloud platform security including IAM, WAF, KMS, AWS Guardduty,AWS Inspector
• Knowledge of CI/CD practices and security challenges
• Experience with SAST/DAST tools
• Experience in process and tools for Container Security,Kubernets Security, Image Security and Code Security
• Experience in SIEM and Vulnerability management tools
• Experience with IAC and Serverless tools like Terraform,Cloudformation,AWS Lambda
• Proficient in coding languages like Python, Node.js
• Demonstrable understanding of modern architectural patterns such as containerization, microservices, API gateways etc.
• Experience with prioritizing and managing security risks.
• Good knowledge of operational security best practices
• Experience working with startups preferred.

Seniority Level
• Intermediate

Industry
• Information Technology and Services
• Computer & Network Security

Employment Type
• Full-time

Job Functions
• Engineering
• Information Technology
• Finance