Senior Security Engineer - Singapore - GXS BANK PTE. LTD.
Description
About The Team
We are the bank's security engineering team - our mission is simple - we make sure that we build and leverage secure systems and operate them at production scale in a secure way.
Our engineering teams move fast and are constantly innovating, and our security engineers need to ensure we provide the right tools and processes to help them move at high velocity.
We are a builder function, we build tools and processes that bring to life the banks security standards and policies.
Get to know the Role:
- We are seeking security engineers who are excited about shaping the future of information security by building security tools to identify and eradicate vulnerabilities across all stages of the software development lifecycle.
- Our team covers line one control ownership of multiple domains, including cloud, DevSecOps, privileged access management, runtime, containers, kubernetes, cryptography, SaaS security and automated response.
- You will work on a public cloud security program with an aim of realtime vulnerability identification and automatic remediation.
- You will work with public cloud, terraform, commercial cloud posture security management tools, opensource kubernetes admission controllers (Kyverno) and build tools that automate our security posture.
The day-to-day activities:
- Design and implement cutting edge preventative and detective controls
- Shift security left in the engineering lifecycle by implementing commercial, security tools and scanners.
- Collaborate with experienced security engineers and engineering squad leads to research and build solutions geared towards identifying security issues at scale
- Evaluate/extend/contribute to existing opensource security tools and integrate them into pipelines.
- Constantly evaluate our progress and work on solutions to raise our security bar at scale. You understand that security is a continuous, ever evolving process.
- Design and implement an automated security scanning solution for cloud infrastructure as code, experience using Sentinel policies for Terraform is preferred.
The must-haves:
- An understanding of public cloud security and cloud native security services is a plus
- An understanding of common global and industry standard control frameworks (CIS, NIST80053, PCI-DSS)
- Should have relevant experience of 3 to 5 years
- Experience with scripting/programming security automation. While you do not need to be a full time programmer, we do strive for automation and are required to glue a lot of our processes together. Go, Python, etc.
- Experience with container platforms and frameworks is preferred (AWS EKS, Docker, Kubernetes, Admission Controllers, Kyverno).
More jobs from GXS BANK PTE. LTD.
-
Lead Software Engineer, Backend
Singapore - 1 day ago
-
Senior Data Engineer
Singapore - 1 week ago
-
Content Lead
Singapore - 1 week ago
-
Name Screening Specialist
Singapore - 1 week ago
-
Procurement Executive
Singapore - 1 week ago
-
Lead Software Engineer, Backend
Singapore - 5 days ago