0 suggestions are available, use up and down arrow to navigate them
What job do you want?

Create Job Alert.

Get similar jobs sent to your email

Apply to this job.
Think you're the perfect candidate?
Senior Security Engineer at GXS BANK PTE. LTD.

Senior Security Engineer

GXS BANK PTE. LTD. Singapore Full-Time
About The Team

We are the bank's security engineering team - our mission is simple - we make sure that we build and leverage secure systems and operate them at production scale in a secure way. Our engineering teams move fast and are constantly innovating, and our security engineers need to ensure we provide the right tools and processes to help them move at high velocity.

We are a builder function, we build tools and processes that bring to life the banks security standards and policies. We use security metrics to make continuous improvements to security controls and culture. We strive for automation and love Jira tickets. What is not measured, can not be improved.

Get to know the Role:

We are seeking security engineers who are excited about shaping the future of information security by building security tools to identify and eradicate vulnerabilities across all stages of the software development lifecycle.
Our team covers line one control ownership of multiple domains, including cloud, DevSecOps, privileged access management, runtime, containers, kubernetes, cryptography, SaaS security and automated response.
You will work on a public cloud security program with an aim of real-time vulnerability identification and automatic remediation.
You will work with public cloud, terraform, commercial cloud posture security management tools, open-source kubernetes admission controllers (Kyverno) and build tools that automate our security posture.

The day-to-day activities:

Design and implement cutting edge preventative and detective controls
Shift security left in the engineering life-cycle by implementing commercial, security tools and scanners.
Collaborate with experienced security engineers and engineering squad leads to research and build solutions geared towards identifying security issues at scale
Evaluate/extend/contribute to existing open-source security tools and integrate them into pipelines.
Constantly evaluate our progress and work on solutions to raise our security bar at scale. You understand that security is a continuous, ever evolving process.
Design and implement cutting edge security tools and scanners, including static application security testing (SAST) and dynamic application security testing (DAST).
Design and implement an automated security scanning solution for cloud infrastructure as code, experience using Sentinel policies for Terraform is preferred.

The must-haves:

An understanding of public cloud security and cloud native security services is a plus
An understanding of common global and industry standard control frameworks (CIS, NIST800-53, PCI-DSS)
Should have relevant experience of 3 to 5 years
Experience with scripting/programming security automation. While you do not need to be a full time programmer, we do strive for automation and are required to glue a lot of our processes together. Go, Python, etc.
Experience with container platforms and frameworks is preferred (AWS EKS, Docker, Kubernetes, Admission Controllers, Kyverno).


Recommended Skills

  • Application Security
  • Automation
  • Build Tools
  • Computer Programming
  • Criminal Justice
  • Cryptography
Apply to this job.
Think you're the perfect candidate?

Job ID: d695b2d3927fd9b2