DevSecOps Lead

Yondu View all jobs

  • Taguig City, Metro Manila
  • Permanent
  • Full-time
  • 1 month ago
General Responsibilities:The DevSecOps Lead is responsible for leading the integration of robust security practices into our DevOps pipeline, ensuring the protection and compliance of our cloud infrastructure. This role demands a strategic mindset to optimize system performance and reliability while fostering a culture of security within the organization.Duties and Responsibilities:Cloud Infrastructure Management:
  • Lead the design, implementation, and management of scalable, secure, and resilient cloud infrastructure
  • Monitor and optimize cloud resource usage and performance, making strategic improvement recommendations.
Security Integration:
  • Develop and implement advanced security practices within the DevOps lifecycle.
  • Conduct regular security assessments, vulnerability scanning, and penetration testing.
  • Implement and manage robust security controls, policies, and procedures.
Continuous Integration/Continuous Deployment (CI/CD):
  • Architect and maintain CI/CD pipelines to automate and secure deployment processes.
  • Ensure integration of advanced security checks within the CI/CD pipelines.
Compliance and Governance:
  • Ensure adherence to industry regulations (e.g. GDPR, HIPAA, PCI-DSS) and internal compliance standards.
  • Implement and manage comprehensive compliance monitoring tools and frameworks.
  • Prepare and maintain detailed documentation for audits and compliance requirements.
Monitoring and Incident Response:
  • Implement and manage sophisticated monitoring tools for cloud infrastructure and applications.
  • Develop and maintain incident response plans and procedures.
  • Lead complex incident response activities, including root cause analysis and comprehensive remediation.
Collaboration and Leadership:
  • Foster a collaborative environment by working closely with development, operations, and security teams.
  • Collaborate with cross-functional teams, including developers, operations, and security, to ensure seamless integration of security practices.
  • Facilitate knowledge sharing, and provide training, mentorship, and guidance on DevSecOps principles and practices to team members.
  • Communicate effectively with stakeholders to report on security posture, incidents, and strategic improvements.
  • Other job-related activities that may be assigned from time to time.
  • Deep expertise in Cloud services (EC2, S3, RDS, Lambda, IAM, VPC, CloudFormation, etc.).
  • Proficiency in infrastructure as code (IaC) tools such as Terraform or CloudFormation.
  • Extensive experience with CI/CD tools such as Jenkins, GitLab CI, or CodePipeline.
  • Strong knowledge of advanced security best practices and frameworks (NIST, CIS, OWASP, etc.).
  • Experience with advanced security tools such as, GuardDuty, Inspector, and WAF.
  • Proficiency in scripting languages such as Python, Bash, or PowerShell.
  • Familiarity with containerization technologies (Docker, Kubernetes) and their security aspects.
  • Strong understanding of networking and network security concepts.
Qualifications:
  • Had background in Architecture, Automation and security as a DevSecOps
Mid-Senior Level / Manager IT and Software Information Technology / IT 1 opening Bachelor's degree graduateYondu is a Philippine-based IT solutions company owned by Globe Telecom. We empower businesses across various industries through a wide array of innovative technology solutions to help them scale in the new digital economy. Our mission is to create happier technological experiences by turning great ideas into excellent and valuable business solutions.If you’re looking to advance your career in the IT industry, Yondu is the best place to be. You will be a part of a young, dynamic culture that always pursues innovation and growth. As a Yondude, you’ll gain fresh perspectives from a team of knowledgeable and competitive individuals and learn how to develop cutting-edge business solutions that go above and beyond. You’ll also enjoy collaborating with brilliant and fun people who are ready to take on the world.Established in 2001, our company has grown exponentially, and we’re always on the lookout for highly skilled and competitive individuals to innovate and evolve with. If this sounds exciting for you, #BeAYondude, and leverage your expertise to help us achieve our ultimate goal of going above and beyond!Join us and grow your career in the IT industry!

Kalibrr