- Hong Kong
- Permanent, Full time
- Standard Chartered Bank
DevSecOps Engineer – Virtual Banking
- Location: Hong Kong
- Salary: Competitive
- Job Type: Full time
DevSecOps Engineer – Virtual BankingAbout Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
As one of the biggest banks in market, we are rapidly expanding by growing a new virtual banking business in Hong Kong. We see ourselves as a fast growing start-up company where you will enjoy autonomy and teamwork at the same time, solving new and exciting problems in a nimble and agile way. Join us and be part of history making for future banking experience!
The Role Responsibilities
As a DevSecOps Engineer you'd work on securing our platform with industry best practice using cloud native technologies and actively seek out modern, automated solutions to the problems encountered. You'd work with the development teams to proactively improve our security posture through best in class tooling and modern processes while still keeping our efficiency.
- Collaborate closely with our development teams in our fast-paced delivery environment
- Provide an enterprise-grade security as a service
- Set security posture objectives while engaging with and supporting the development teams
- Evaluate and roll out new security tooling and automated process
- Build and run red team drills to evaluate security posture
- Assess penetration testing results and perform hands-on remediation
Our Ideal Candidate
- Excellent practical knowledge of the application of defense in depth of a modern web app
- Information security experience with certifications preferable, e.g. CCSP, CISSP, CISM
- Excellent knowledge of proven security principles, for example least privilege, failing securely and zero trust networks
- Knowledge of technology best practices for building a modern automated platform
- Self-starter, capable of working without direction and able to deliver projects from scratch
- Container Management and container orchestration experience - Docker, Kubernetes
- Security experience with JVM based languages such as Java/Scala/Kotlin
- Public cloud management experience - AWS with Hashicorp Terraform
- Strong knowledge of Linux/UNIX
- Strong understanding and practice Agile/Lean projects SCRUM, KANBAN etc.
- Practical knowledge with Git flow, Trunk and GitHub flow branching strategies
- Strong English communication skills
- Monitoring tools Elastic Stack, Prometheus, Grafana
- Relevant AWS certifications, e.g. AWS Solutions Architect