As a DevSecOps Engineer at YONDU INC., you will play a crucial role in integrating security practices into the software development lifecycle. This full-time, mid-level position is based in Taguig City Metro Manila, and you will be responsible for automating security controls, ensuring compliance, and driving a culture of security-as-code within the organisation.
- Collaborate with development teams to incorporate security best practices and tools into the CI/CD pipeline
- Implement and maintain security controls, such as vulnerability scanning, code analysis, and infrastructure as code
- Automate security testing and monitoring to ensure continuous compliance and security posture
- Provide guidance and training to developers on secure coding practices and security-oriented tooling
- Investigate and respond to security incidents, working with the security and IT teams to mitigate risks
- Stay up-to-date with the latest security trends, tools, and best practices in the industry
Minimum Qualifications
3+ years of experience in a security or DevSecOps engineering role
Proficient in at least one programming language (e.g., Python, Go, or Bash) and experience with infrastructure as code tools (e.g., Terraform, Ansible, or CloudFormation)
Strong understanding of security concepts, including OWASP, NIST, and CIS benchmarks
Experience with CI/CD tools (e.g., Jenkins, GitLab CI, or Azure DevOps) and security automation tools (e.g., Sysdig Secure, Snyk, or Aqua Security)
Ability to work collaboratively with cross-functional teams and communicate technical concepts to both technical and non-technical stakeholders
Familiarity with cloud security best practices and experience in a cloud environment (e.g., AWS, Azure, or GCP)
