Security Principal Engineer – DevSecOps & IAM

SUMMARY OF RESPONSIBILITIES 

• Key member of the Senior Technical Committee for IT Security and represents IT Security within ISD Division and PayNet 
• Lead automation initiatives across various security functional areas 
• Lead major improvement initiatives and Security engineering in Identity Access Management 
• Drive security within DevSecOps culture, shift left, develops framework and execution 
• Co-Lead security improvement initiatives for cloud native workloads 
• Support other team members within corresponding core functional area on customer fronting operational matters 

KEY AREAS OF RESPONSIBILITIES 

Serves as a member of the technical committee and point of reference for the team in the following areas of responsibilities: 

• Support: 
  • Provide technical support, monitoring and resolve issues for the Kubernetes platform, IAM solution, cloud platform, and associated security tools 
  • Respond to security incidents and vulnerabilities identified by security tools and manual audits 
  • Provide guidance and support to developers and operations teams on Kubernetes and security best practices 
•  Engineering: 
  • Design and architect automation and security solution into GitOps 
  • Implement automated security testing and monitoring tools into CI/CD pipelines, such as SAST, DAST and SCA 
  • Integrate tools and system with IaC stored in repository 
  • Improve and containerize security tools into Kubernetes platform 
  • Develop and maintain documentation, policies, and procedures related to security 
  • Automate IAM processes, such as user provisioning and de-provisioning 
  • Develop and implement security platforms and tools specialized in Identity and Access Management (IAM) 
  • Improve the efficiency and effectiveness of the provisioning and fulfilment cycle by way of automation of repeatable tasks and fact gathering for post configuration validation.
  • Lead initiative in improving and/or enhancing logging facilities as it pertains to security alert across various applications and platforms 
  • Establishing dashboards for visualization and improving the lifecycle of alerting and response 
  • Accountable for production issues and serves as a Subject Matter Expert (SME) within the area of IAM, DevSecOps, cloud platform, security automation, extending advice and consultancy to cross functional teams 
  • Coach and mentor junior team members within ITS through knowledge transfers and on-the-job training 
  • Manage and improve the support quality to the banks for new and existing access issues  
  • Establish standards and guidance per industry security practices for technology adopted by PayNet, practices such as DevOps, GitOps should be common place. 
  • To be well aware of emerging risk, interpret and prioritise within organisational context, assess and propose improvement of relevant controls 
  • To be aware of and uphold security responsibilities as stated in the company’s Information Security Policy 

QUALIFICATIONS & EXPERIENCE 

Minimum Qualifications & Professional Certification 

• Bachelor’s degree in computer science, Information Systems Technology, or Software Engineering with a minimum of 8 years of relevant work experience 
• Experience in the IT banking and Telecommunications sector would be an added advantage 
• Added advantage if in possession of either a relevant industry recognised certification in Linux or Kubernetes Certification, AWS Solution Architect Associate/Professional, Information Security. 

Working Experience  

• Experience variety of security tools and technologies, such as intrusion detection systems, firewalls, SIEMs, vulnerability scanners, and code analysis tools 
• Understanding of both software development and operations. Experience with modern development practices, such as Agile and DevOps, and should be familiar with modern technologies like cloud computing, containers, and microservices 

Other Additional requirements 

• Supreme attention to detail, analytical, critical thinking and problem-solving skills, self-driven and quality results oriented.
• installing and configuring Linux operating systems, setting up and maintaining network infrastructure, managing and monitoring system resources, troubleshooting and resolving system issues 
• experience with penetration testing tools, and relevant certification 
• Strategic in planning and organising, effective interpersonal and project management skills.