CStack Security Engineer (GovTech)
CStack Security Engineer (GovTech)
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
We are seeking a skilled and passionate Security Engineer to join our this role you will be responsible for ensuring the security compliance and resilience of our infrastructure and applications. You will work closely with cross-functional teams to monitor respond to and remediate security incidents across our cloud-native ecosystem.
Responsibilities:
Security Monitoring & Incident Response
Oversee and respond to alerts from AWS GuardDuty ensuring timely investigation and remediation of incidents.
Execute security playbooks to handle alerts and enhance them based on evolving threats and operational insights.
Vulnerability & Patch Management
Coordinate the identification and application of security patches across GitLab AWS and Kubernetes components.
Ensure that our infrastructure remains resilient to new vulnerabilities through regular patch cycles and proactive risk assessments.
Log Analysis & SIEM Management
Conduct weekly SIEM reviews to analyze security logs detect anomalies and escalate issues as necessary.
Collaborate with the SecOps team to refine monitoring strategies and alerting thresholds.
Reporting & Documentation
Prepare monthly SecOps reports summarizing incident trends response actions and areas for improvement.
Maintain and update documentation related to security processes incident response and playbooks.
Collaboration & Continuous Improvement
Work closely with development operations and other security teams to integrate security best practices into CI/CD pipelines and cloud deployments.
Proactively contribute to security strategy discussions sharing insights and recommendations for enhanced security posture.
Requirements:
Proven experience managing cloud security particularly within AWS environments (including GuardDuty IAM and other AWS security services).
Solid background in securing Kubernetes clusters (preferably on EKS) including experience with container security best practices.
Experience with SIEM tools and log analysis for threat detection.
Proficiency in applying security patches and vulnerability management across cloud and containerized environments.
Familiarity with CI/CD pipelines (GitLab or equivalent) and integrating security into DevOps practices.
Hands-on experience with incident response including following and refining security playbooks.
Working knowledge of networking encryption and other fundamental security concepts.
Security certifications for AWS (such as AWS Certified Security Specialty) and Kubernetes (such as Certified Kubernetes Security Specialist or equivalent) are highly desirable.
Soft skills:
Excellent problem-solving and analytical abilities with a keen attention to detail.
Strong communication skills to clearly articulate security issues and collaborate across teams.
Proactive mindset with the ability to work independently and in a fast-paced environment.
Adaptability and willingness to continuously learn and apply new security practices.
Employment Type
Full Time
