- Posted 23 August 2023
- Job type Permanent
- Contact NameSabri Babouri
If you are a highly skilled and motivated DevSecOps engineer with a passion for building secure, scalable, and reliable systems, we want you on our team to take on a new challenge and make a real difference.
Your role involves spearheading the creation and execution of systems that place a strong emphasis on security right from the initiation of the software development life cycle (SDLC). This entails collaborating closely with software development, security, and operations teams to enhance procedures, utilities, and the overall mindset, ensuring that security becomes a collective commitment. Your efforts are geared towards guaranteeing the secure execution of continuous integration and continuous delivery (CI/CD) processes.
Collaborate closely with Engineering and Operations teams to ensure the seamless integration of security and privacy measures throughout the entire Software Development Lifecycle.
Conduct thorough Threat Modelling assessments to analyse potential risks associated with various processes, systems, or technologies, and compile detailed findings in written reports.
Regularly scrutinize and oversee processes and systems, actively identifying potential vulnerabilities or weaknesses.
Develop and implement automated procedures and tools aimed at enhancing the efficiency and effectiveness of security controls.
Swiftly and efficiently respond to and manage security incidents, such as data breaches or cyber-attacks.
Evaluate, test, and choose appropriate security technologies, tools, and methodologies for implementation within the organization.
Foster collaboration with the broader security team to exchange ideas, tools, and processes, contributing to the establishment of a robust security culture at Deriv.
Deliver presentations on security architecture and risk to raise awareness of security best practices.
Proficiency in reviewing code and actively identifying security issues and vulnerabilities.
A solid grasp of software development, security, and operational principles, along with adherence to best practices.
Extensive understanding of Public Cloud Security and its fundamental components, including EC2, EKS, AWS Networking (such as Subnetting, Route Tables, SG's, VPC, VPC Peering, NACLS, VPN), RDS, Storage (S3, EBS), SSO, and Federation.
Hands-on experience with DevOps tools and best practices (e.g., Git, Jenkins, CircleCI, Ansible).
Knowledge of security and privacy principles, including best practices in areas like authentication, authorization, encryption, and GDPR compliance.
Possession of a university degree in computer science or a related field.
Strong aptitude for problem-solving.
Exceptional communication skills in both spoken and written English.