Responsibilities
· Be the subject matter expert on all things about Cloud and Infrastructure security in Evermos
· Define metrics and key performance indicators to determine the effectiveness of the security testing, tooling & automation program
· Build security standards for product & infrastructure development
· Perform security review of product & infrastructure design plan
· Drive automation of compliance implementation, verification, remediation, monitoring, and reporting
· Ensure that security testing plan evaluate all possible impacts and scenarios on the assets being tested
· Assist the DevOps and Data Engineer in implementing best practices for infrastructure operations, software build and deployment across Evermos
· Improve the analysis and defense techniques and tactics to combat new types and sources of threats and attacks
Requirement:
· Should have vast experience in relevant field
· Familiar with Linux and *nix System and proven track record on managing cloud infrastructure (e.g. AWS, GCP)
· Hands-on experience with automation systems (e.g. Terraform, Helm) and Kubernetes orchestration system
· Hands-on experience micro-services stacks, API Gateway (e.g. Kong), and various security systems (WAF, IDS, etc)
· Hands-on experience with scripting and programming languages (Phyton, bash, Golang, etc)
· Have a strong analytical skills with good communication and interpersonal skills
· Nice to have certifications: CISSP, CISM, CISA, CCSP, CCSK, AWS Cloud Security, etc.