Senior DevSecOps Engineer
Grab
Company Description
About Grab and Our Workplace
Grab is Southeast Asia's leading superapp. From getting your favourite meals delivered to helping you manage your finances and getting around town hassle-free, we've got your back with everything. In Grab, purpose gives us joy and habits build excellence while harnessing the power of Technology and AI to deliver the mission of driving Southeast Asia forward by economically empowering everyone, with heart, hunger, honour, and humility.
Job Description
Get to know the team
The DevSecOps team at Grab is dedicated to integrating security practices into our development and operations processes. With a focus on ensuring the security and reliability of our services, we strive to stay ahead of emerging threats and protect our users' data.
Get to know the role
We are seeking a talented and experienced Senior DevSecOps Engineer to join our dynamic team. The ideal candidate will possess a strong background in DevSecOps tools, application security and automation. As a Senior DevSecOps Engineer, you will play a crucial role in architecting and implementing secure DevOps practices across our organization.
The Critical Tasks You Will Perform
- You will implement and maintain DevSecOps tools such as Static Security Testing, Dynamic security Testing, Dependency scanning solutions and Supply Chain Security.
- You will develop and automate security processes using Python and Go Lang to enhance efficiency and scalability.
- You will collaborate with cross-functional teams to integrate security into the software development lifecycle (SDLC) and CI/CD pipelines.
- You will provide expertise and guidance on application security best practices and assist in the implementation of secure coding standards.
- You will conduct security assessments, vulnerability scanning, and penetration testing to identify and remediate security vulnerabilities.
- You will stay abreast of emerging security threats, industry trends, and best practices in DevSecOps.
Qualifications
What Essential Skills You Will Need
- At least 5 years of security industry experience utilizing web/mobile application security and knowledge of the security / threat landscape.
- Proven experience in DevSecOps practices, including the implementation and management of DevSecOps tools such as GIT, SAST, DAST, Secret Scanning, and dependency scanning solutions.
- In-depth knowledge of application security principles, common vulnerabilities, and secure coding practices. Excellent knowledge of pen-testing tools and procedures for Web/Mobile.
- Experienced in vulnerability management, patching automation, and understanding of VA/PT techniques
- Strong programming skills in one of the languages (preferably Golang or Python)
- Experience with containerization technologies (e.g., Docker, Kubernetes) and cloud platforms (e.g., AWS, Azure, GCP).
- Demonstrated proficiency in setting up and managing CI/CD pipelines, particularly in platforms such as GitLab and Jenkins.
Additional Information
Life at Grab
We care about your well-being at Grab, here are some of the global benefits we offer:
- We have your back with Term Life Insurance and comprehensive Medical Insurance.
- With GrabFlex, create a benefits package that suits your needs and aspirations.
- Celebrate moments that matter in life with loved ones through Parental and Birthday leave, and give back to your communities through Love-all-Serve-all (LASA) volunteering leave
- We have a confidential Grabber Assistance Programme to guide and uplift you and your loved ones through life's challenges.
What we stand for at Grab
We are committed to building an inclusive and equitable workplace that enables diverse Grabbers to grow and perform at their best. As an equal opportunity employer, we consider all candidates fairly and equally regardless of nationality, ethnicity, religion, age, gender identity, sexual orientation, family commitments, physical and mental impairments or disabilities, and other attributes that make them unique.