DevSecOp Engineer

Location Bangrak
Job type Permanent
Salary THB 90,000 - 120,000 / Negotiable
Consultant email songporn.j@th.experis.com
Consultant contact 0858859242

​Job Responsibilities

  • Ensure that the Static Application Security Testing (SAST) environment is performing optimally

  • Provide education and guidance about SAST tools and process best practices

  • Ensure compliance with applicable Policies, Standards, Requirements and Directives

  • Assist with audits to demonstrate compliance

  • Schedule, scope and prioritize SAST assessments of applications

  • Identify, document, rate, and communicate vulnerabilities to responsible teams

  • Reproduce, demonstrate and retest vulnerabilities

  • Maintain awareness of security issues amongst development community

  • Continually improve SAST process and environment

  • Provide expertise in Continuous Test/Integration/Deployment platforms

Requirement

  • 3+ years of application security experience

  • Must be familiar with OWASP top ten understanding of vulnerability governance and reporting

  • Working experience with Software Composition Analysis (SCA) tools - Black Duck, Sonatype Nexus, etc.

  • Working experience with Static Application Security Testing (SAST) tools - Fortify, Checkmarx, Veracode, etc.

  • Experience in consuming APIs

  • Experience with cloud security - AWS Cloud preferred

  • Experience with code repository management platforms - GitHub, BitBucket, GitLab

  • Experience developing cloud native CI/CD workflows and tools, such as Jenkins, Circle CI and/or GitLab

  • Experience with infrastructure automation tools and coding/scripting (i.e. ansible, terraform, python, Shell script)

  • Fluent in Linux OS (i.e. Ubuntu, Debian)

  • Must be a team player with great interpersonal skills