Infrastructure Security- Cloud security Engineer (DEVSECOPS)
1. Engineering – Security Engineering
About the Role
At Hotstar, we have over 300 million users and capture close to a billion click stream messages daily. The engineering team at Hotstar is at the centre of the action and is responsible for creating unmatched user experience. Our engineers solve real life complex problems and create compelling experiences for our customers.
The Security team helps secure Infrastructure that run the Hotstar business, streaming product, live broadcast and social gaming. As devsecops engineer you would be developing software tools that work reliably at scale and extending our operational excellence around securely operating a large cloud infrastructure.
We need passionate hacker who derives purpose in life by finding potential weaknesses and then crafting creative solutions to eliminate those weaknesses. The pace of our growth is incredible – if you want to tackle hard and interesting problems at scale, and create an impact within an entrepreneurial environment, join us!
Your Key Responsibilities
- Knowledge of the DevOps culture and principles.
- Identify security flaws and vulnerabilities in infrastructure
- Develop a procedural set of responses to security problems
- Deep understanding of the computer science and its application
- Understand VMs, docker containers and their orchestration with its challenges (e.g. Kubernetes, docker)
- Strong understanding of network concepts including TCP/IP, HTTP and TLS, DDoS detection/prevention, and network and host anomaly detection through both automated (NIDS/HIDS) and manual means.
- A good knack for automating infrastructure security as much as possible
What to Bring
- Worked with a service mesh to encrypt communication
- Experienced in large scale distributed system
- Experience in tools for securely accessing secrets (e.g. Vault)
- Experience with configuration management: Terraform,Puppet, Chef, Ansible etc
- You play a key leadership role in assisting software development teams in securely architecting/operating their software applications by aligning to the SE secure software development principles, industry standard methodologies, compliance and privacy requirements.
- You will be a high-level individual contributor who will lead security architecture assessments, build and drive security standards and design capabilities to hold development teams accountable to reducing and improving trust with SE employees, partners, and customers.
- You will build, promote and scale the best DevSecOps practice across the company globally and drive adoption of tools and practices as the teams transform to DevSecOps.
- Willing to learn
- Zero tolerance for security vulnerabilities and process inefficiency
- Always look for opportunities to optimize, automate and secure the daily workflow
- See beyond the current norm of operation, then design and implement solutions in stages
- Great communication skills in building culture for other engineers to do the same