Our Client is looking for an experienced DevSecOps Professional to secure and manage our AWS cloud-based applications and operations in Japan. Reporting to our CISO, with deep collaboration with our engineering teams, your focus will be on protecting customer information, our intellectual property, and the resiliency of our platform by bringing your experience and deep understanding of frameworks such as NIST CSF, SOC2, and ISO 27001.
Duties & Responsibilities
- Work collaboratively with engineering, data management, and support and delivery teams to secure our platform.
- Enhance our applications IT infrastructure and security protocols.
- Maintain robust application security, identity, and compliance to common security frameworks.
- Recommend strategic improvements to the CISO and CTO.
- Insatiable desire to automate and secure everything.
- Maintain end-to-end security, ensuring security best practices are always implemented, making decisions using reportable metrics.
- Help engineering securely provision and maintain resources using infrastructure as code tools such as Terraform and AWS Cloud Formation.
- Develop and maintain a catalog of secure, baseline modules (e.g. hardened S3 bucket module) for engineering teams to consume in their services.
- Perform other DevSecOps duties as requirements change in a fast paced environment in an evolving threat landscape.
【会社概要 | Company Details】
A successful Fintech Company, provides a payment platform that lets online merchants accept payments in real-time from consumers without credit cards.
【就業時間 | Working Hours】
Work Location: From anywhere in Japan
【休日休暇 | Holidays】
Saturday, Sunday, and National Holidays, Year-end and New Year Holidays, Paid Holidays, Other Special Holidays
【待遇・福利厚生 | Services / Benefits】
各種社会保険完備（厚生年金保険、健康保険、労災保険、雇用保険）、 屋内原則禁煙（屋外に喫煙所あり）、 通勤交通費支給等
Social insurance, Transportation Fee, No smoking indoors allowed (Designated smoking area), etc.
- Passion and a sense of ownership.
- Experience successfully leveraging the numerous security resources available on AWS in a production environment is required.
- Deep understanding and experience securing and deploying containerized applications in a multi-AWS account environment.
- Experience building and securing RESTful and GraphQL APIs.
- Deep understanding of the fundamentals of cybersecurity at multiple layers of abstraction, in MicroServices and monolithic architectures.
- Bonafide experience with multiple Application Security Tools (SAST, DAST, etc.) and integration into CI/CD pipelines such as CircleCI.
- Experience performing automated functional and performance tests in production environments.
- Developed and managed hardened container-based platforms.
- Experience building infrastructure as code using AWS CloudFormation and Terraform.
- Strong practical Linux-based systems administration skills and scripting experience.
- Expert communication skills, both written and verbal as we work remote and often rely on asynchronous communication.
- English – Business Level
- Japanese – Not needed, good to have