DevSecOps Security Specialist

Job Title: DevSecOps Security Specialist
Location: Petaling Jaya, Selangor
Industry: Industrial and Manufacturing - Shared Services

Job Description:

We are looking for a hands-on and highly collaborative DevSecOps Security Specialist to join our cybersecurity team. In this role, you will work closely with our DevSecOps Security Architect and product teams to integrate and maintain security tools within CI/CD pipelines, lead secure coding initiatives, and ensure that security is embedded throughout the software development lifecycle. This is an exciting opportunity for a security-savvy professional who thrives in a fast-paced DevOps environment.

Key Responsibilities:

• Collaborate with development and product teams to embed security into DevOps processes, ensuring secure application and infrastructure deployment.

• Design and architect scalable security solutions that align with DevSecOps principles and comply with industry standards and regulations.

• Develop, implement, and maintain security policies, standards, and procedures to ensure compliance with OWASP Top 10, CWE Top 25, SANS 25, and other frameworks.

• Conduct DevOps/DevSecOps maturity assessments to evaluate and enhance security practices within development teams.

• Manage and integrate application security testing tools (SAST, SCA, DAST, IAST) for vulnerability scanning and analysis.

• Work cross-functionally to embed security into all stages of the software development lifecycle.

• Stay current on emerging security threats, vulnerabilities, and technologies, and communicate risks to senior leadership.

• Advocate for secure coding practices and serve as a subject matter expert on application security.

• Automate security checks within tools such as Azure DevOps, Jenkins, and GitHub Actions, and support developers in vulnerability remediation.

Required Skills:

• Strong understanding of DevOps tools and processes, network security, cryptography, and application/cloud security.

• Solid background in web application architecture, design, and development (experience with embedded systems is a plus).

• Hands-on experience with security frameworks such as GDPR, OWASP Top 10, CWE Top 25, ISO 27001, and IEC 62443.

• Proficiency with tools such as Git, Azure DevOps, Visual Studio/VS Code, Eclipse, or similar development environments.

• Experience with security testing platforms like Coverity (SAST), BlackDuck SCA, BlackDuck Binary Analysis (BDBA), and CodeDX (SRM) is an advantage.

• Excellent analytical and problem-solving skills.

• Strong interpersonal and communication skills for working with internal teams and external vendors.

Qualifications:

• Bachelor’s degree in Computer Science, Information Systems, or a related field.

• Minimum of 5 years of experience in software development and application security architecture/development.

• Industry certifications such as CISSP, CISM, CSSLP, or CEH are preferred.

Additional Information:

• Competitive salary and comprehensive benefits package.

• Opportunities for career advancement and professional development in a global enterprise setting.

• A collaborative environment where your contributions are valued.

Apply Now!