HomeVacanciesDevSecOps Engineer

DevSecOps Engineer

สนใจสมัครงาน กรุณาส่ง E-mail ระบุตำแหน่งงานที่สนใจ และแนบประวัติ (Resume) ส่งถึง hr.recruiting@ktcs.co.th

Responsibilities

Job Summary
The DevSecOps Engineer at KTCS plays a critical role in integrating security practices into every stage of the Software Development Life Cycle (SDLC). You will work closely with Development, Operations, and Security teams to build, enhance, and maintain highly secure and automated Continuous Integration/Continuous Delivery (CI/CD) pipelines. Your primary goal is to ensure that KTCS’s applications and infrastructure are stable, secure, and delivered efficiently and rapidly.
Key Responsibilities
    1. Security Integration & Automation:
      • Design and implement “Security as Code” principles across the DevSecOps process.
      • Integrate automated security testing tools (e.g., SAST, DAST, SCA) seamlessly into the CI/CD Pipeline.
      • Identify, evaluate, and mitigate security vulnerabilities in code, dependencies, and infrastructure.
    2. CI/CD Pipeline Management:
      • Design, develop, manage, and maintain robust CI/CD pipelines (e.g., Jenkins, GitLab CI, GitHub Actions) to enable secure and automated deployment.
      • Manage and secure Containerization technologies (e.g., Docker, Kubernetes).
    3. Infrastructure as Code (IaC) & Cloud Security:
      • Develop and maintain secure Infrastructure across On-premise and Cloud environments (e.g., AWS, GCP, Azure) using IaC tools (e.g., Terraform, Ansible).
      • Configure and manage access controls (IAM) and security policies on Cloud Platforms.
    4. Monitoring & Incident Response:
      • Implement and maintain robust Log, Monitoring, and Observability systems (e.g., ELK Stack, Prometheus, Grafana, Datadog), with a focus on security alerting.
      • Participate in and support the Security Incident Response process, including root cause analysis.
    5. Collaboration & Mentorship:
      • Act as a subject matter expert, providing guidance and mentorship to development and operations teams on DevSecOps best practices and secure coding principles.
      • Create and maintain comprehensive documentation for DevSecOps processes and security standards.
    6. Continuous Improvement:
      • Stay abreast of the latest trends and technologies in DevSecOps, Cloud Security, and Automation to drive continuous improvement in the company’s security posture and delivery efficiency.

Qualifications

Hard Skills & Technical Requirements:
  • Experience: 2+ years of relevant experience as a DevSecOps Engineer, DevOps Engineer, Security Automation Engineer, or similar role.
  • Operating Systems: Deep understanding of Linux/Unix system administration and security hardening.
  • CI/CD & Automation: Proven experience in building and managing CI/CD pipelines (e.g., Jenkins, GitLab CI, GitHub Actions).
  • Containerization & Orchestration: Hands-on experience with Docker and Kubernetes.
  • Infrastructure as Code (IaC): Experience using IaC tools like Terraform or Ansible.
  • Cloud Platform: Experience with at least one major Cloud Platform (AWS, GCP, or Azure) and a strong understanding of Cloud Security concepts.
  • Security Tools: Familiarity with integrating and using security tools (e.g., SAST/DAST, Vulnerability Scanners, Web Application Firewalls – WAF).
  • Scripting/Programming: Proficiency in at least one scripting/programming language for automation (e.g., Python, Bash/Shell Script).
  • Networking: Foundational knowledge of networking concepts and security protocols.
Soft Skills & Education:
  • Education: Bachelor’s degree in Computer Engineering, Computer Science, Information Technology, or a related technical field.
  • Communication: Excellent verbal and written communication skills in English.
  • Attributes: Strong analytical, troubleshooting, and problem-solving abilities. Proactive mindset, high level of self-motivation, and ability to collaborate effectively across cross-functional teams.