No more applications are being accepted for this job
- 13.5 months salary
DevSecOps Security Architect - Malaysia - Michael Page
Description
About Our Client
A leading global manufacturing company that provides precision instruments to clients around the world. With offices in over 140 countries, the company has a reputation for excellence, innovation, and customer service.
Job Description
· Work closely with our development and operations teams to integrate security into our DevOps processes and ensure the secure deployment of applications and infrastructure.
· Design and architect secure and scalable infrastructure solutions that align with DevOps principles and comply with industry and regulatory standards. · Develop and maintain security policies, standards, and procedures, and ensure compliance with all relevant regulatory requirements. · Conducting maturity modeling to identify the maturity of the DevOps processes within a development team. · Implement and manage security testing tools and processes, including vulnerability scanning, penetration testing, and code analysis. · Collaborate with cross-functional teams to ensure security measures are integrated into the software development lifecycle. · Stay up-to-date with emerging security threats, trends, and technologies · Communicate security risks and issues to senior management and stakeholders. · Serve as a subject matter expert and advocate for application security best practices. · Provide guidance and support to other IT teams and departments to ensure the effective implementation of security measures.The Successful Applicant
· Bachelor's degree in Computer Science, Information Systems or a related field.
· 5+ years of experience in software development and application security architecture and design. · Strong technical knowledge and experience with DevOps tools and processes, network security, cryptography, application security, and cloud security. · Strong knowledge of web application architecture, design, and development. · Knowledge of software development requirements for embedded systems. · Deep understanding of security principles and practices, including OWASP Top 10, CWE Top 25, and SANS 25. · Experience with software development tools such as Git, JIRA, and Eclipse is a plus. · Experience with Synopsys tools such as Coverity, Blackduck, and CodeDX are a plus. · Familiarity with industry standards and regulations such as PCI DSS and GDPR. · Excellent analytical and problem-solving skills, with the ability to identify and mitigate potential security risks. · Strong communication and interpersonal skills, with the ability to work effectively with internal stakeholders and external vendors. · Relevant industry certifications such as CISSP, CISM, CSSLP or CEH are a plus.What's on Offer