DevOps Security Engineer

CBD, Central Singapore, Singapore CBD, Central Singapore, Singapore

DevOps Security Engineer

Job description

At Toku, we create bespoke cloud communications and customer engagement solutions to reimagine customer experiences for enterprises. We provide an end-to-end approach to help businesses overcome the complexity of digital transformation in APAC markets and enhance their CX with mission-critical cloud communication solutions. Toku combines local strategic consulting expertise, bespoke technology, regional in-country infrastructure, connectivity and global reach to serve the diverse needs of enterprises operating regionally.

As we continue creating momentum for our products in the APAC region and helping customers with their communications needs, we are seeking a highly skilled and motivated DevSecOps Specialist to join our dynamic team. You will play a critical role in ensuring the security, reliability, and scalability of our software development and deployment processes. Your primary focus will be to integrate security practices seamlessly into our DevOps workflows, emphasizing a proactive and collaborative approach.

This is an impactful position during a growth phase for the business. If you are seeking a dynamic environment where your expertise in DevSecOps can make a tangible difference and contribute to the success of our growth journey, this is the perfect opportunity for you.

Want to be part of our journey?

What would you be doing?

  • Design, implement and maintain secure CI/CD pipelines for all our products.
  • Design, implement and maintain a cloud infrastructure architecture that meets the high availability, reliability, performance, scalability, and security requirements.
  • Identify, evaluate and implement tools for automated security tests, such as SCA, DAST, IAST and SAST.
  • Remediation of vulnerabilities and security findings in operating systems, software, and supporting services.
  • Perform code reviews and provide hands-on support in DevOps tasks.

  • Work closely with application teams to set up, configure and support the application environment, such as nginx, apache, php, redis, ElastiCache, etc.
  • Process automation and improvements, and resource optimization.
  • Working with penetration testers to identify vulnerabilities, perform risk assessments and close security findings.
  • Work with 3rd party vendors, external customers and internal stakeholders from other departments to ensure successful security implementation and support additional security requirements.
  • Stay up to date with emerging security threats, industry trends, and advancements in DevSecOps practices, and propose innovative solutions to enhance security posture.

We would love to hear from you if you have:

  • Bachelor’s Degree in information systems or related field.
  • At least 3 years experience in DevOps practices, tools, and methodologies.
  • At least 3 years experience in Cloud Security.
  • Experience working in a hybrid environment (Cloud + on-prem systems).
  • Experience in implementing AWS services, such as EKS, ECS, IAM, Lambda, Inspector, Guard Duty, CloudWatch, Opensearch, CloudFormation, etc.
  • Experience in automation tools, such as Puppet, Ansible and Terraform.
  • Experience in Linux, preferably Debian or Ubuntu, with exposure to scripting languages.
  • Strong problem-solving and communication skills, with the ability to collaborate effectively across teams as well as working well independently.
  • Experience in ISO27001, SOC2, and CSA STAR certifications would be an added bonus.

What would you get?

  • Flexible working locations
  • Training and Development
  • Discretionary Yearly Bonus & Salary Review
  • Healthcare Coverage based on location
  • 20 days Paid Annual Leave (excluding Bank holidays)

If you would love to experience working in a start-up growing at an accelerated speed, and you think you tick most of the requirements, join us!