Platform Security Engineer

Closed

Enginering DevOps Product Management

Location

Ho Chi Minh

Benefits

Full social insurance

Flexible working time

Salary review

Travel/company trips

Laptop/desktop for works

Performance bonus

Extra health insurance

13th month salary

Others

Work-from-home policy

Job Overview And Responsibility

- Supporting ANZx teams to achieve operating effectiveness by aligning and collecting evidence against controls. - Assisting Security Partners and Assurance teams to identify opportunities to automate evidence collection. - Providing technical advice to teams for the correct implementation of security configurations, such as Network policies, IAM, API authentication, and other Cloud components. - Supporting the teams to design secure CI and CD pipelines. - Supporting the Security Partners in analyzing vulnerabilities and Pen-test findings that might affect non-application-code-specific bits of the solution. - Defining policies as code in assurance tooling. - Running proof of concepts for trying new security tools and implementations. - Working with ANZx or other ANZ security engineers and penetration testers to help develop abuse cases and threat models.

Required Skills and Experience

- 3 - 5 years of demonstrated experience with at least one major cloud platform (GCP, AWS, or Azure), experience in Cloud well-architected framework - Applied knowledge of one or more security frameworks (eg. NIST, CIS) - Experience in setup GitOps, CI/CD, monitoring, incident management & troubleshooting - Understand vulnerability findings and contribute to, triage and action recommendations. - Experience in working on codebases in a enterprise setting, including managing the use of various libraries and dependencies. (eg. Java, Golang, Rust, C#, C/C++, Clojure..) - A background in cloud engineering and a knowledge of security requirements for cloud. - A knowledge of software development lifecycle, CI/CD tools, and performing code reviews. - Ability to write policy and automation expressed as code. - Use research and analysis skills to identify new security automation opportunities. - Be able to consume and understand detailed security requirements. - Able to communicate effectively with security and non-security stakeholders to solve everyday problems. - Appetite for learning and sharing new security and technical opportunities in a broad forum.

Why Candidate should apply this position

- Hybrid working mode (3 working days at the office, flexible time). - Salary: Please completely feel free to tell us your expected number!!! - 18 paid leaves/year (12 annual leaves and 6 personal leaves). - Insurance plan based on full salary + 13th month salary + Performance bonus. - Meal allowance of 730,000 VND/month. - 100% full salary and benefits as an official employee from the 1st day of working. - Medical benefit for employee and family. - Working in a fast-paced, flexible, and multinational working environment. Chance to travel onsite (in 49 countries). - Free snacks, refreshments, and parking. - Internal training (Technical & Functional & English). - Working time: 08:30 AM - 06:00 PM from Mondays to Fridays (meal breaks included).

Preferred skills and experiences

- A background in financial services security and compliance. - Knowledge of the Google Cloud Platform and Kubernetes. - Experience in designing controls for SaaS and PaaS based services. - Experience in the design and architecture of new software systems and integrations. - Strong development experience in languages such as Go, Java, or similar. - Design of reports for stakeholders, particularly around security posture and compliance.