Gappify is looking for a Devops Security Engineer in the Philippines. The DevOps Security Engineer will be responsible for the design and development of innovative security solutions for protecting data deployed into the cloud. In addition, you will be responsible for keeping our infrastructure secure by working on our deployment, automation, and monitoring systems. You will also work closely with our development team to implement the necessary processes to keep our platform highly available, efficient, and secure. Your work will touch many technologies including AWS, Redis, RDS, EBS, etc. The ideal candidate communicates effectively with engineering, has the business acumen and critical thinking skills needed to quickly adapt and troubleshoot as unexpected project issues or changes arise.
This is what you’ll do at Gappify:
As a DevOps Security Engineer, you are responsible for the scaling and support of our multi-region, multi-cloud application. Own the deployment architecture and strive to improve our infrastructure through a deep partnership with other teams across the organization. This role will work closely with engineering to ensure smooth delivery of core integrations for Customer on-boarding and expansion.
• Work as the primary engineering contact related to all things security.
• Own and manage our security vulnerability monitoring and intrusion detection systems. Ensure we are proactively fixing issues raised. Manage the interactions with the company’s outsourced SOC, WAF, Cloud Watch, Sentry monitoring, etc.
• Develop internal tooling for automatic deployment of security patches to our production infrastructure.
• Develop tooling, processes, and documentation for smooth deployment practices ensuring segregation of duties with the engineering team.
• Own and develop a process to assist eng+sales on customer security questionnaires.
• Build out, test, and maintain disaster recovery solutions and tabletop exercises.
• Architect and implement solutions necessary to address security audits and compliance efforts. Knowledge of SOC2 and ISO27001 and PCI a plus.
• Work with external security testing vendors to coordinate pen testing of our platform and network. Coordinate any necessary fixes with the engineering team. Support the outsourced bug bounty program.
• Work closely with the applications and infrastructure engineering teams to ensure we are considering security when architecting and building new systems. Ensure that security solutions are architectured with developer velocity and efficiency in mind.
• Develop tools to automate the ongoing security auditing of IAM permissioning and other AWS configurations
This is what you’ll bring to our team:
• 5+ years of experience working in a DevOps role
• 5+ years of experience working in a Security role handling cloud infrastructure
• Prior experience working in a Software Engineering role with languages such as PHP, JAVA, PYTHON, etc.
• Experience securing AWS deployments.
• Experience turning feedback from security analysis tools (Amazon Inspector, etc) into infrastructure improvements
• Familiarity with Docker and container orchestration tools like Kubernetes
• Experience managing, scaling, and automating AWS deployments
• Strong foundation in programming, algorithms, and software application design
• Passion for solving challenging problems and iterating quickly
• Entrepreneurial self-starter. You thrive in a fast-moving environment and are independently capable of seeking information, corralling resources, and delivering results without waiting for direction.
• Bachelor’s/Master’s degree in Engineering / Computer Science / Information Systems or equivalent work experience