Senior DevSecOps Engineer
Kyiv, Kyiv City
System Department – Infrastructure Team /
On-site
Ajax Systems is an international technology company, the largest developer and manufacturer of security systems in Europe.
The startup, created in 2011 in Ukraine, scaled into an international product company. Ajax security systems protect more than 2.5 million users in 169 countries. The company works with 150,000 installers in key markets.
Ajax Systems has a central office, an R&D department, and two full-cycle productions in Ukraine; the representative offices in the UAE (Dubai), Great Britain, Italy, Spain, and teams in many other regions; and a logistics hub in Poland.
The company has more than 3,000 employees, including 500 development engineers and 1,200 production workers.
Ajax products are a whole ecosystem of 135 devices, mobile and desktop apps, and server infrastructure.
The product line includes control panels, motion detectors, opening detectors, flood prevention, fire detectors, street and home sirens, alarm buttons with the appliances control function, smart sockets, and relays.
Our infrastructure is a part of the product that is invisible to the end user, but critical to the life of the entire system. The safety of our users and their property depends on our uptime. We are constantly developing our cloud solutions and this requires automating our infrastructure, testing and improving its fault tolerance. For this purpose we are looking for Senior DevSecOps Engineer.
Requirements:
- 5+ years of experience in IT, with a focus on DevOps and security.
- 3+ years of proven experience in a DevSecOps role or a similar position.
- 3+ years of experience with AWS common stack: VPC, EC2, S3, RDS, Elasticache, Route53, Lambda etc.
- 3+ years of experience with AWS security stack: CloudTrail, IAM, KMS, WAF, GuardDuty, Inspector, Macie etc.
- 3+ years of experience with managing Linux-based systems, TCP/IP networking.
- 3+ years of experience with IaC and config management tools such as Terraform, Terragrunt, Ansible.
- Experience with git, Docker, Jenkins etc.
- Understanding of regulatory requirements and industry standards(SOC2, ISO27001, PCI DSS etc)
- Excellent understanding of securing data in transit and at rest.
Desirable:
- Kubernetes (AWS EKS) + Helm.
- Message brokers: NATS, Kafka.
- Databases: MongoDB.
- Hashicorp tools: Vault, Packer.
- Monitoring/Alerting: Datadog, OpsGenie.
- Certification in a cyber security field such as: AWS Security Speciality, CISSP, CSSLP etc.
Responsibilities:
- Security Integration: Incorporate security best practices and controls into the DevOps pipeline, ensuring that security is an integral part of the development process.
- Security Automation: Develop and maintain automated security testing and monitoring tools to identify vulnerabilities and threats in the codebase and infrastructure.
- Vulnerability Management: Continuously scan for and assess vulnerabilities in software and infrastructure components, and coordinate their timely remediation.
- Incident Response: Lead or participate in incident response activities, investigating security breaches, and coordinating with the incident response team to mitigate and prevent future incidents.
- Infrastructure Security: Implement and manage security controls for cloud and on-premises infrastructure, including identity and access management, network security, and data protection.
- Security Monitoring and Incident Detection: Set up and maintain real-time security monitoring and alerting systems to detect and respond to security incidents quickly.
- Security Tool Evaluation: Evaluate and select security tools and technologies that enhance the security of the DevOps pipeline and infrastructure.
- Security Auditing: Conduct security audits and assessments of the DevOps environment, identifying areas for improvement and implementing necessary changes.
- Emergency Response Planning: Develop and maintain incident response plans, including communication protocols and disaster recovery procedures.
With us you will enjoy:
- Working with a team of people to build the future of an industry.
- Non-trivial challenges and various specter of interesting tasks.
- A flexible, friendly and collaborative work environment.
- Corporate culture based on common sense.
- Opportunities to influence the creation of new products and their quality.