FINNOMENA

DevSecOps Engineer

FINNOMENA

full-time

Posted on:

Location Type: Hybrid

Location: BangkokThailand

Visit company website

Explore more

AI Apply
Apply

Tech Stack

CloudDockerJenkinsKubernetes

About the role

  • Design, implement, and automate DevSecOps processes and tools within our CI/CD pipeline.
  • Conduct penetration testing on applications, infrastructure, and APIs, identifying and documenting vulnerabilities.
  • Collaborate with developers to understand their needs and integrate security best practices into the development process.
  • Analyze security vulnerabilities, prioritize risks, and recommend mitigation strategies.
  • Develop and maintain security documentation, including threat models and attack surface diagrams.
  • Stay informed about the latest security trends and threats, keeping our team and organization proactive against evolving risks.
  • Participate in security incident response and remediation efforts.
  • Foster a culture of security awareness within the organization through education and training initiatives.

Requirements

  • Proven experience with penetration testing methodologies and tools (e.g., Metasploit, Burp Suite, Nmap, Zap, etc).
  • 3+ years of experience as a DevSecOps Engineer or a related role.
  • Strong understanding of DevSecOps principles and practices.
  • Experience with CI/CD pipelines and automation tools (e.g., Jenkins, GitLab CI).
  • Experience in Kubernetes (GKE, KUBECTL, HELM) and containers (Docker).
  • Expertise in secure coding practices and application security frameworks.
  • Good communication, collaboration, and problem-solving skills.
  • Ability to work independently and as part of a cross-functional team.
  • Bonus Points: Certification in penetration testing (e.g., OSCP, CEH, GPEN, Pentest+).
  • Experience with Google Cloud platforms.
Benefits
  • 📊 Check your resume score for this job Improve your chances of getting an interview by checking your resume score before you apply. Check Resume Score
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
penetration testingDevSecOpsCI/CDautomationsecure coding practicesapplication security frameworksKubernetescontainersGoogle Cloud
Soft Skills
communicationcollaborationproblem-solvingindependenceteamwork
Certifications
OSCPCEHGPENPentest+