DevSecOps Engineer (English-required)

Hỗ trợ đời sống Việc làm - thực tập
, ,
1

Hiring company: Laidon Vietnam JSC
Open position: DevSecOps Engineer

About Laidon

Laidon, a Certified SAP Partner, operates globally with offices in the US, Japan, and Vietnam, and sales presence in Australia, Germany, England, and Singapore.

Laidon developed SimpleMDG, a powerful master data governance solution on SAP BTP that fortifies master data foundations, enhances operational excellence, ensures compliance, and drives innovation at scale.

With over 100 out-of-the-box S/4HANA data objects and workflows, SimpleMDG supports powerful governance while eliminating the need for slow, complex, and expensive customizations. SimpleMDG is the master data governance and management platform for enterprises running SAP.

Role Overview

The DevSecOps Engineer is responsible for integrating security best practices into our DevOps platforms and product environments. This role operates independently from delivery ownership to ensure objective risk identification, reporting, and mitigation.

You will collaborate closely with DevOps, engineering, and product teams to promote secure development practices while maintaining transparency and governance over security risks.

Responsibilities

1. Vulnerability Management – DevOps Platforms

  • Track and follow vulnerabilities related to:
  • CI/CD tools (e.g. Jenkins, GitLab, wiki, agents)
  • Container platforms and base images
  • OS packages, middleware, and supporting services
  • Coordinate patching and remediation with DevOps engineers
  • Maintain a central vulnerability follow-up list (with severity and status)

2. Security & Network Review

  • Review and document:
  • Cloud and on-prem network architecture
  • Firewall rules, NAT rules, VPNs, access paths
  • CI/CD system access and segregation of duties
  • Identify security gaps and improvement opportunities
  • Propose remediation actions and track closure

3. Security Standards & Best Practices

  • Promote and enforce secure coding standards
  • Assist development teams in implementing security controls
  • Integrate security testing into CI/CD pipelines (SAST, DAST, dependency scanning)
  • Contribute to security documentation and internal guidelines

4. Reporting & Governance

  • Maintain clear reporting of security risks and remediation status
  • Provide visibility into security posture across platforms and products
  • Escalate critical risks appropriately
  • Ensure security assessments remain independent from delivery timelines

Your Skills and Experience

Technical Skills

  • Understanding of DevOps practices and CI/CD workflows
  • Knowledge of application and infrastructure security principles
  • Familiarity with vulnerability management tools
  • Basic understanding of cloud platforms (AWS, Azure, GCP, SAP BTP)
  • Awareness of container technologies (Docker, Kubernetes)
  • Understanding of secure coding practices

Soft Skills

  • Good English communication required
  • Strong analytical and problem-solving skills
  • Clear and effective communication abilities
  • Ability to collaborate cross-functionally
  • High level of integrity and objectivity
  • Eagerness to learn and grow in the DevSecOps domain

Preferred Qualifications

  • Experience integrating security tools into CI/CD pipelines
  • Familiarity with security frameworks (ISO 27001, OWASP, NIST)
  • Relevant certifications (e.g., Security+, CEH, DevSecOps-related credentials)

Why You’ll Love Working Here

  • 15 days of annual leaves
  • Competitive salary (+13-month salary include)
  • Health insurance, social insurance according to the government regulations
  • PVI Healthcare Insurance
  • Have a chance to work in an international, friendly, open environment
  • Annual Travel opportunity

How to Apply?