Các Phúc Lợi Dành Cho Bạn
Mô Tả Công Việc
The main responsibilities of the DevSecOps Lead include:
• Lead the team to define CI/CD process and standardize the process for the delivery organization, while ensuring the best practices and security practices are in place.
• Collaborate with the development teams in delivering new features and applications. Standardize configuration and deployment for projects in the delivery organization. Ensure the project teams to follow the best practices and obligate the necessary security.
• Ensure the setting up of the process and tool to check coding conventions/requirements and enhance coding quality is in place for different delivery teams.
• Involve in setting up the process and tool to do automated testing, integration testing, to ensure it meets the defined security requirements.
• Involve in setting up auto-backups for databases/applications on demand, to ensure it meets the defined security requirements.
• Assist in setting up to ensure pen test and security scanning is implemented before each release.
• Recommend ideas on improving the application/database securities, particularly on operation automation.
• Work with DevOps engineers to create code/config templates/guidelines for auto-provision of multiple dev/test/prod environments.
• Involve in the process of provisioning multiple dev/test/prod environments, to ensure it meets the defined security requirements.
• Assist the development team with system architecture and infrastructure optimization.
• Identify and deploy cybersecurity measures by continuously performing vulnerability assessment and risk management.
3. Manage & Monitor
• Lead the DevOps engineers to define KPIs, performance metrics and procedures to monitor the health and performance of applications and databases.
• Lead the DevOps engineers to setup monitoring/alerting procedures/systems/dashboards, manage and monitor all installed systems and infrastructure platform.
• Define security policies and procedures to be applied at the companywide.
• Define data privacy policies and appropriate data processing procedures to be applied at the companywide.
• Create a security handbook and guidelines to guide delivery/support teams to follow.
• Plan auditing activities in terms of security requirements on different delivery/support teams and schedule to execute those.
• Provide periodic environment reviews and suggestions for enhancement of services, delivery quality, system reliability, scalability, performance, and cost-effectiveness.
• Be the manager on DevSecOps activities, and drive the team to excellency; administration of different DevOps and Security tools, and automating processes whenever possible.
• Take initiative in improving on reporting, processes, workflow and client outcomes.
• Ultimately be responsible for all communication/meetings/addressing problems on a number of customers’ environments across infrastructure and applications.
• Make sure all procedures, guidelines and best practices are documented.
• Work closely with IT and Application Management Engineers to assist both internal and external clients.
• Provide assistance to the other teams in the technical meetings with major clients on issues that relate to the expertise of DevOps and Security.
• Mentoring and guiding the team members
• Planning the team activities, and involvement in project management activities
• Managing stakeholders and external interfaces
• Monitoring and measuring customer experience and KPIs
• Managing periodic reporting on the progress to the management and the customer
• Stay on top of DevSecOps trends, experiment and learn for continuous improvement, and seek to continually improve processes companywide.
Yêu Cầu Công Việc
• Must have a deep understanding of both development and operations processes, as well as a strong technical background.
• Good communication skills (in English and Vietnamese). Be able to consult the customer with the best possible solution.
• From 5+ years of experience in software development and operations, with at least 2 years working in DevOps and Security, and with at least 1 year working as a Manager.
• Must possess demonstrable knowledge of software development, deployment, system administration, and security, and have hands-on experience with enterprise applications, platform services, cloud technology, system architecture, automation, and orchestration; to evaluate, consult and propose the clients and development teams with the optimal and exact needs of servers/infra components and requirements, and make certain that overall system performance meets client expectations
• Must-have: programming experience with scripting languages (e.g., Bash, Python, Powershell, etc.)
• Must-have: Experiences in implementation and managing services: SQL Server, MySQL, Postgres, Mongo/Cosmos, Redis, Kafka …
• Must-have: Knowledgeable of database queries and data security
• Must-have: Familiar with web servers, i.e. IIS, Nginx, Apache, Tomcat, IBM WebSphere, etc.
• Must-have: Experience DevOps tools and CI/CD pipeline: TeamCity, Jenkins, Azure DevOps, Octopus Deploy
• Having experiences with Ansible, Puppet and Terraform is a plus
• Good in working with cloud platforms: Azure, AWS, GCP. Certification/qualification is highly regarded.
• Practical experience with Dockerized Containers, Kubernetes, Openshift, IBM Cloud-based services, IBM Bluemix
• Good knowledge of System infrastructure (Network, Security, Services, Virtualizations)
• Must-have: Have knowledge and experience with ELK (Elasticsearch, Logstash, Kibana), Azure Application Insights, Dynatrace, RayGun, Prometheus, Grafana, Loki, Datadog, and/or equivalent systems/tool.
• The ability to work well in a team and individually.
• Strong management skills and good customer service skills with the ability to effectively deal with customer inquiries in a timely manner.
• Ability to analyze, architect, plan, manage and optimize the infrastructure as well as the operation and processes to meet the company and client expectations in terms of performance and cost.
• The ability to adapt to changing situations, and be focused on delivery while ensuring quality.
• The ability to work under pressure and tight deadlines
• High sense of responsibility
• Willingness to learn and share continuously
• Creative, innovative, and strive for continuous improvement
• Motivated in delivering top-quality work