DevSecOps Engineer

Team: IT

Location: Malaysia

Type: Full-Time

We are a MAS-licensed startup that has been in business for the past 5 years. We were recently recognized as the PayTech of the Year at the 2024 Asia FinTech Awards. With a profitable MVP, we are now focused on scaling our business model globally.

The DevSecOps Engineer will report to the Head of DevOps and serve as a key player in securing dtcpay’s infrastructure. This role will involve implementing and managing security controls, embedding security into CI/CD pipelines, leveraging Infrastructure as Code (IaC), and collaborating with DevOps and IT Security teams to ensure the reliability and security of cloud-native environments.

Responsibilities:
1. Security Architecture and Cloud-Native Protection
  • Deploy and manage cloud security capabilities, including IAM, CSPM, CIEM, agentless security, IaC security, CI/CD security, and secrets management.
  • Manage xDR capabilities, including configuration and integration, automated threat detection and response, telemetry monitoring for anomalies, optimized protection for containerized and non-containerized workloads, and risk metrics.
  • Manage AWS security capabilities, including GuardDuty, Shield, WAF, IAM, KMS, ACM, CloudTrail, etc.

2. DevSecOps Automation and IaC Management
  • Automate security testing and monitoring processes using Terraform, Python, Bash, or other scripting languages.
  • Embed automated security checks into CI/CD pipelines to detect and address vulnerabilities during development.
  • Develop IaC templates to enforce security policies and enable rapid deployment of secure environments.

3. Site Reliability Engineering (SRE) Collaboration
  • Develop and deploy SRE components with the DevOps team to monitor and improve the availability, scalability, and performance of systems.
  • Design and implement secure system architectures to meet SRE reliability objectives.
  • Utilize observability tools like AWS CloudWatch, OpenSearch, Prometheus, and Grafana to ensure compliance and security performance metrics.

4. Testing and Vulnerability Management
  • Conduct effective testing and vulnerability assessments using SAST, DAST, IAST, and vulnerability scanner tools.
  • Develop and execute patch management strategies ensuring timely escalation and remediation of all identified vulnerabilities.

5. Incident Management and Response
  • Collaborate with DevOps and IT security teams to triage, investigate, and resolve incidents effectively.
  • Develop automated playbooks for incident response and integrate them with the SIEM platform for enhanced detection and response capabilities.
  • Maintain detailed incident logs and conduct post-incident reviews to ensure continuous improvement.

6. Compliance and Monitoring
  • Maintain documentation and cloud configuration compliance by enforcing security controls and policies to ensure alignment with organizational and regulatory standards.
  • Establish and track key metrics (KPIs) to monitor the effectiveness of security measures and ensure compliance with internal and external audit requirements.

Requirements:
  • Working experience of 5+ years in cybersecurity, with 3+ years in DevSecOps, IaC, or cloud security.
  • Must possess hands-on experience with AWS security services, with a strong preference for familiarity with Palo Alto Prisma Cloud and Cortex xDR.
  • Proficient in Terraform and other IaC tools for automating secure deployments.
  • Strong experience in automation and integrating security checks into CI/CD pipelines using Jenkins, Ansible, GitHub Actions, or similar tools.
  • Familiarity with SRE practices and tools for monitoring and improving system reliability.
  • Good understanding of ISO 27001 and NIST CSF frameworks.
  • Certifications such as CDP, AWS Security, Terraform Associate, CCSP are highly desirable.

Benefits:
  • 18 days annual leave
  • Competitive compensation and benefits packages
  • Opportunity to work with a dynamic and innovative digital payments
  • Exposure to cross-functional collaboration and involvement
  • Mentorship and guidance from experienced professionals