Senior DevSecOps Engineer - BitMEX Hong Kong Bookmark Share Print 64 0 0

Listing Description

Overview


The goal of a DevSecOps Engineer is to proactively identify and help mitigate technical risk in all software pipelines within BitMEX. They will achieve this through a strong partnership with DevOps, with a combination of security gate implementation & management, security control administration and overall reporting while working closely with DevOps, alongside the Detection & Response, AppSec and Infrastructure Security teams.


Responsibilities


Design and implement secure automation solutions for development, testing, and production environments



  • Collaborate with Product Management and Architects to contribute to the roadmaps of CI/CD Pipeline

  • Implement security controls, best practices and configuration management 

  • Hands-on contributor and code reviewer on DevSecOps related projects

  • Employ infrastructure as code paradigm to increase automation, scalability, and reliability

  • Perform technology watch related to industry trends and best practices.

  • Maintains extensive knowledge of state-of-the-art principles, theories, and practices around all things software-related. Identifies and recommends long-term technologies of relevant company interest and proposes long-term development strategy on cutting-edge trends and developments in area of expertise.


Qualifications



  • 10+ years of security industry experience, with minimum 2 years in a DevSecOps role.

  • Experience building tools for Continuous Integration and Continuous Deployment systems. Familiarity with DevSecOps principles for integrating security solutions in products like Jenkins, Helm, ArgoCD.

  • Proven experience and understanding of security principles across infrastructure platforms, data layers, integration points, and application layers.

  • Demonstrated experience architecting and developing security solutions during the secure software development lifecycle program or secure lifecycle improvement efforts and managing large scale projects to completion.

  • Adapt to evolving security and business priorities quickly and effectively. Loves new technological challenges and excels at solving them.

  • Modern infrastructure and application development experience using public cloud primitives. You should be familiar with kubernetes, serverless architecture and infrastructure as Code tools like Terraform, Ansible, Chef.

  • Knowledge of Kubernetes DNS how it interacts with external DNS servers.

  • End to end troubleshooting experience.


Good to have



  • Common security certifications such as GSEC, CEH, CISSP, CCSP, or CCSK.

  • Good understanding of Public Key Infrastructure (PKI).

  • Technical understanding of management implementations for identity like MFA, 2SV, SAML, OAuth.

  • Experience with Prometheus/Thanos, Graphite, Fluentd.

  • Experience with data templating languages like Jsonnet or related a plus.


#LI-CH1


Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided



About Us

AtmosJobs is a community-run job platform developed by SaaS professionals. Our unique approach of focusing strictly on Cloud positions allows us to personalize the user experience.

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765