Back to job search

DevSecOps Engineer

Bangkok Bank (Bangkok, Bangkok City, Thailand)
Bangkok, Thailand 🇹🇭
Discover Bangkok Bank – Thailand’s largest commercial bank and one of the leading commercial banks in Southeast Asia. A pioneer bank with long progress of the country. Bangkok Bank has grown and matured with Thai people and their business interests and today is renowned for its size, stability and partnership approach. The bank is driving innovation in new products and services and building on its inherent scale advantages to meet the challenges of a changing financial landscape and consolidate its leadership position for the future.

About this position

The DevSecOps Engineer will collaborate with development, operations, and security teams to implement best practices, focusing on secure software delivery and infrastructure management.

Responsibilities

• Collaborate with development, operations, and security teams to implement DevSecOps best practices.
• Build and maintain automated CI/CD pipelines to enable efficient and secure software delivery.
• Integrate automation testing suites and automated security scanning software as part of the build pipeline.
• Write IaC for deployment of resources (compute, storage, networking etc) to Azure cloud.
• Setup and configure container platform in cloud for deploying microservices.
• Implement security controls and best practices to safeguard banking user journeys.
• Setup logging and monitoring infrastructure for all layers of the stack

Requirements

• Proven experience as a DevSecOps Engineer, with a strong focus on security in hybrid architecture environments.
• Experience in Azure cloud is preferred.
• Expertise in CI/CD pipelines, automation tools for testing web & mobile applications and cloud native backend services.
• Strong experience using IaC frameworks such as Terraform or Pulumi, for automated deployment of Cloud services to different environments.
• Experience in deploying container platforms for microservices (e.g., Docker, OpenShift, Kubernetes and Service Mesh such as Istio).
• In-depth knowledge of security principles, secure coding practices, and compliance standards.
• Familiarity with security scanning tools (e.g., SAST, DAST, IAST), vulnerability management and OWASP.