DevSecOps Engineer (Cloud Security)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
DevSecOps Engineer (Cloud Security): Hardening cloud and on-premise environments and embedding security throughout the engineering lifecycle with an accent on infrastructure security and CI/CD pipeline integration. Focus on designing zero-trust access patterns, conducting security code reviews across multiple languages, and building security standards from the ground up.
Location: Hybrid in Bandung, Indonesia (at least 2 days per week in the office). This position is NOT eligible for Visa sponsorship.
Company
provides a Unified IT Operations Platform for endpoint management, autonomous patching, and remote access to nearly 40,000 customers globally.
What you will do
- Secure AWS/GCP workloads (EC2, ECS, S3, RDS, VPC, IAM) and harden Linux/Windows servers and VMware environments.
- Design and enforce VPC/subnet segmentation, firewall rules, and zero-trust access patterns.
- Manage and operate SAST, DAST, and SCA tooling within CI/CD pipelines, including triaging and remediation.
- Conduct security code reviews for Ruby on Rails, C#, Java, Python, and Go codebases.
- Lead threat modeling sessions for new features and architectural changes.
- Develop and deploy organization-wide AppSec standards, logging guidelines, and vulnerability SLAs.
Requirements
- 4–5 years of experience in cloud or infrastructure security, specifically in hybrid environments.
- Strong hands-on experience with AWS or GCP production environments.
- Proven experience managing SAST/DAST/SCA tooling and performing security code reviews.
- Ability to define and deploy security standards independently.
- Solid knowledge of network security, OS hardening, IAM/PAM, and OWASP Top 10.
- Must be based in Bandung, Indonesia.
Nice to have
- Certifications: AWS Security Specialty, CISSP, CEH, or OSCP.
- Experience with CSPM, CNAPP, SIEM/SOAR, EDR/MDR, or WAF tools.
- Knowledge of SOC 2, ISO 27001, GDPR, or PDPA.
- Familiarity with security tooling such as Snyk, Trivy, Semgrep, or Burp Suite.
Culture & Benefits
- Collaborative, kind, and curious community with an international workforce.
- Hybrid work environment focused on work-life balance.
- Free in-office lunches throughout the week.
- Opportunities for professional growth and advancement within a fast-growing global company.
- Access to a renowned internal training platform.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →