DevSecOps

Kuala Lumpur, Kuala Lumpur, Malaysia
Apply to Position

DevSecOps

Kuala Lumpur, Kuala Lumpur, Malaysia

We’re searching for a proactive and experienced DevSecOps Engineer who thrives on solving complex information security issues and building innovative security processes from the ground up.

  • Implement and maintain secure software development lifecycle (S-SDLC) processes.
  • Conduct internal audits of the company's infrastructure and perimeter security.
  • Develop and automate Infrastructure as Code (IaC) and Policy as Code practices.
  • Enhance CI/CD pipelines with robust security measures and tools, including SAST and DAST.
  • Collaborate with product development, DevOps, and IT teams to identify vulnerabilities and implement process improvements.
  • Research, introduce, and integrate new tools tailored to our infrastructure needs.
  • Present and drive process improvement plans for the development teams, influencing secure coding practices.
  • Participate in security architecture assessments for new services and support teams in containerizing applications.
  • Conduct and develop training events to educate developers on security best practices.

  • Strong expertise in Linux administration and Gitlab CI/CD.
  • Hands-on experience with popular CI/CD security tools (SAST, DAST, etc.).
  • Familiarity with containerization technologies like Docker and Kubernetes (k8s), with an understanding of concepts such as ingress, pods, and services.
  • Knowledge of cloud infrastructure providers (GCP, AWS, Azure) and experience securing cloud environments.
  • Ability to configure and debug Nginx—understanding of the difference between proxy_pass and upstream, and how HTTP protocols and TLS/SSL work.
  • Knowledge of PHP and its integration within secure pipelines is a plus.
  • Ability to collaborate and influence cross-functional teams, particularly DevOps and Developers.
  • Familiarity with typical infrastructure attacks and a solid understanding of threats vs. risks.
  • Self-starter with strong initiative, ready to experiment with and explore new tools and technologies.
  • Excellent communication skills to advocate for security improvements across teams.
  • Upper-intermediate oral communication in English or higher.

Apply Now