Security Engineer (DevSecOps)

Company Overview
Leading e-commerce company

Job Description
Position Summary:

Security and safety of the Internet services of the company are guaranteed by the IT Security Engineering Office, the core of CERT and the technical security team. We cover all aspects of the SDLC and operation security for the services developed inside our Group.

Responsibilities:

Improve our platform's security level through process improvement and automation
Create security guidelines and best practices in able to match the fast changing landscape
Work with other DevOps teams inside the company to create secure architecture for new and existing platforms
Perform regular operations and discover security challenges inside the ecosystem
Evaluate new vulnerabilities and implement improvement plans across different stakeholders

Requirements
Minimum Qualifications:
Around 3 years of experience in security related fields, such as Security Engineer/Consultants, System Administrators, DevOps
Deep understanding of networking (Ex: VLAN's, Routers, VPNs, DNS, CDN, F/W, WAF and etc)
Experience with cloud environments like Azure, AWS, GCP and its security features
Experience with vulnerability scanners such as Nessus, Rapid7, AppScan, Acunetix
Understand network and application layer vulnerabilities
Passionate in automating every tedious procedure
Highly ethical, strong ownership and sense of responsibility

Preferred Qualifications:
Around 5 years of experience as DevSecOps in an large scale environment
Experience with software provisioning technologies such as Ansible, Chef, Puppet
Experience with IaaS related technologies such as Docker, Kubernetes
Experience with vulnerability management
Proficient in one or more scripting languages, ex: Bash, Python, Ruby, PowerShell
Holder of any security related certifications, ex: GIAC, OSCP/OSCE, CISSP
Strong written and verbal communication skills

JapanTokyo Map

Name of person in charge of hiring：