Назад
Company hidden
4 дня назад

DevSecOps Engineer (Cloud Security)

Формат работы
hybrid
Тип работы
fulltime
Грейд
senior
Английский
b2
Страна
Indonesia
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

DevSecOps Engineer (Cloud Security): Hardening cloud and on-premise environments and embedding security throughout the engineering lifecycle with an accent on infrastructure security and CI/CD pipeline integration. Focus on designing zero-trust access patterns, conducting security code reviews across multiple languages, and building security standards from the ground up.

Location: Hybrid in Bandung, Indonesia (at least 2 days per week in the office). This position is NOT eligible for Visa sponsorship.

Company

hirify.global provides a Unified IT Operations Platform for endpoint management, autonomous patching, and remote access to nearly 40,000 customers globally.

What you will do

  • Secure AWS/GCP workloads (EC2, ECS, S3, RDS, VPC, IAM) and harden Linux/Windows servers and VMware environments.
  • Design and enforce VPC/subnet segmentation, firewall rules, and zero-trust access patterns.
  • Manage and operate SAST, DAST, and SCA tooling within CI/CD pipelines, including triaging and remediation.
  • Conduct security code reviews for Ruby on Rails, C#, Java, Python, and Go codebases.
  • Lead threat modeling sessions for new features and architectural changes.
  • Develop and deploy organization-wide AppSec standards, logging guidelines, and vulnerability SLAs.

Requirements

  • 4–5 years of experience in cloud or infrastructure security, specifically in hybrid environments.
  • Strong hands-on experience with AWS or GCP production environments.
  • Proven experience managing SAST/DAST/SCA tooling and performing security code reviews.
  • Ability to define and deploy security standards independently.
  • Solid knowledge of network security, OS hardening, IAM/PAM, and OWASP Top 10.
  • Must be based in Bandung, Indonesia.

Nice to have

  • Certifications: AWS Security Specialty, CISSP, CEH, or OSCP.
  • Experience with CSPM, CNAPP, SIEM/SOAR, EDR/MDR, or WAF tools.
  • Knowledge of SOC 2, ISO 27001, GDPR, or PDPA.
  • Familiarity with security tooling such as Snyk, Trivy, Semgrep, or Burp Suite.

Culture & Benefits

  • Collaborative, kind, and curious community with an international workforce.
  • Hybrid work environment focused on work-life balance.
  • Free in-office lunches throughout the week.
  • Opportunities for professional growth and advancement within a fast-growing global company.
  • Access to a renowned internal training platform.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →