Security Engineer

Responsibilities

· Be the subject matter expert on all things about Cloud and Infrastructure security in Evermos

· Define metrics and key performance indicators to determine the effectiveness of the security testing, tooling & automation program

· Build security standards for product & infrastructure development

· Perform security review of product & infrastructure design plan

· Drive automation of compliance implementation, verification, remediation, monitoring, and reporting

· Ensure that security testing plan evaluate all possible impacts and scenarios on the assets being tested

· Assist the DevOps and Data Engineer in implementing best practices for infrastructure operations, software build and deployment across Evermos

· Improve the analysis and defense techniques and tactics to combat new types and sources of threats and attacks

Requirement:

· Should have vast experience in relevant field

· Familiar with Linux and *nix System and proven track record on managing cloud infrastructure (e.g. AWS, GCP)

· Hands-on experience with automation systems (e.g. Terraform, Helm) and Kubernetes orchestration system

· Hands-on experience micro-services stacks, API Gateway (e.g. Kong), and various security systems (WAF, IDS, etc)

· Hands-on experience with scripting and programming languages (Phyton, bash, Golang, etc)

· Have a strong analytical skills with good communication and interpersonal skills

· Nice to have certifications: CISSP, CISM, CISA, CCSP, CCSK, AWS Cloud Security, etc.