Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Ajaib

DevSecOps Engineer – Lead

Ajaib

DevSecOps Engineer ensuring security in CI/CD deployment pipelines for a fintech in Indonesia. Requires expertise in various security tools and practices.

Posted 6/15/2026full-timeJakarta • 🇮🇩 IndonesiaSeniorWebsite

Tech Stack

Tools & technologies
CloudDockerGoJavaJavaScriptJenkinsKubernetesNode.jsOpen SourcePythonTerraform

About the role

Key responsibilities & impact
  • Pipeline Security Automation: Integrate and manage static, dynamic, and software composition analysis tools into continuous integration and continuous deployment (CI/CD) pipelines.
  • Tooling Optimization: Own, configure, and fine-tune AppSec platforms including Checkmarx, Semgrep, Snyk, and SonarQube to minimize false positives and maximize actionable alerts.
  • Automated & Manual DAST: Configure automated dynamic scanners and leverage Burp Suite Professional for targeted security testing on APIs and web services.
  • Vulnerability Remediation & Triage: Act as the primary technical point of contact to triage code vulnerabilities, providing clear remediation guidance and proof-of-concept fixes directly to engineering teams.
  • Open Source Security (SCA): Utilize Snyk and similar tools to monitor open-source dependencies, license compliance, and third-party software supply chain vulnerabilities.
  • Policy Enforcement: Define automated gatekeeping thresholds (e.g., failing builds for critical/high vulnerabilities) within the deployment pipeline based on internal security policies.

Requirements

What you’ll need
  • Experience: 4+ years of experience in DevOps, software engineering, or application security, with at least 2+ years dedicated exclusively to DevSecOps practices.
  • Tooling Command: Proven, deep technical proficiency with the following tools:
  • - SAST: Checkmarx, Semgrep, SonarQube
  • - SCA & Container Security: Snyk
  • - DAST / Pen-testing: Burp Suite Professional
  • CI/CD Ecosystems: Extensive experience building automation plugins and pipelines in GitHub Actions, GitLab CI, Jenkins, or Bitbucket Pipelines.
  • Infrastructure as Code (IaC): Solid understanding of cloud-native infrastructure, containerization (Docker, Kubernetes), and secure IaC deployment (Terraform).
  • Development Background: Ability to read and understand code snippets across multiple languages (e.g., Python, Java, Go, Node.js).
  • Certifications: Certifications such as Certified DevSecOps Professional (CDP), Practical DevSecOps (CDEP), or CSSLP are highly preferred

Benefits

Comp & perks
  • Join us as we make magic happen to increase Indonesia’s financial inclusion!

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
DevSecOpsstatic analysisdynamic analysissoftware composition analysisvulnerability remediationpolicy enforcementInfrastructure as Codecontainerizationcoding languagesautomation
Soft Skills
communicationproblem-solvingcollaborationtechnical guidance
Certifications
Certified DevSecOps ProfessionalPractical DevSecOpsCSSLP