Job Description
Top 3 Reasons To Join Us
The Job
We are looking for a dedicated **DevSecOps Engineer** to build, automate, and maintain the security framework for our fintech platform. In this role, you will focus on implementing "Security-as-Code" to ensure our financial applications and AI-driven features remain secure and reliable.
You will be responsible for hands-on technical tasks, from hardening **Docker** environments to securing **AI models**, all while maintaining strict adherence to **PCI DSS** standards. This is a perfect opportunity for an engineer who thrives on technical execution and wants to scale a secure, modern fintech ecosystem.
Key Responsibilities
- CI/CD Security Integration: Design, implement, and manage **security gates** within CI/CD pipelines (e.g., GitHub Actions, GitLab CI) by integrating **SAST, DAST, and SCA** tools to detect and block vulnerabilities early in the delivery lifecycle.
- Cloud Engineering (AWS or Azure): Design, secure, and operate multi-account / multi-subscription cloud environments. Implement **IAM/RBAC**, security baselines, network segmentation, and cloud-native security services (e.g., Azure Defender, Microsoft Sentinel, AWS Security Hub, GuardDuty).
- Container Security: Secure the full **Docker lifecycle**, including base image hardening, container image scanning, secure registries, runtime protection, and container orchestration security.
- Infrastructure as Code (IaC): Build, maintain, and scale cloud infrastructure using **Terraform**, ensuring all environments are **reproducible, auditable, and version-controlled**, with zero manual configuration drift.
- AI Model & Data Security: Implement security controls for **AI / Machine Learning workflows**, focusing on protecting model endpoints, securing API integrations, controlling access to training and inference data, and preventing data leakage.
- PCI DSS Compliance & Security Controls: Act as the **Technical lead for PCI DSS** requirements, including:
  - Vulnerability scanning (internal & ASV)
  - File Integrity Monitoring (FIM)
  - Centralized logging and audit trails
  - Secure network segmentation and access control
- Threat Modeling & Incident Response: Conduct threat modeling for new features and architectural changes. Lead technical response efforts during **security incidents, data breaches, or major cloud outages**.
- Vulnerability Management : Own the end-to-end vulnerability management process across applications, containers, cloud infrastructure, and third-party dependencies, from identification and risk prioritization to remediation and verification.
- Experience: 5+ years of hands-on experience in DevOps, SRE, or Security Engineering, with a proven track record of implementing Shift-Left security practices.
- English Proficiency:
  - Strong spoken and written English.
  - Ability to communicate confidently with external vendors and partners, including penetration testing teams, stress/load testing providers, and security auditors.
- Cloud Platforms: Strong proficiency in either AWS or Azure, with deep experience in cloud security services such as AWS Security Hub, GuardDuty, or Azure Defender / Microsoft Sentinel.
- Containerization: Expert-level knowledge of Docker and hands-on experience securing and operating containerized workloads in production.
- Infrastructure Automation: Advanced skills in Terraform and scripting (Python, Bash, or Go) to automate infrastructure provisioning and security workflows.
- Financial & Security Compliance:
  - Direct, hands-on experience implementing and maintaining PCI DSS technical controls.
  - Familiarity with SOC 2, ISO 27001, or NIST frameworks is a strong advantage.
- Collaboration & Communication: Ability to work effectively with Developers, Product Managers, and Security stakeholders to balance delivery speed with robust security practices.
- Databases: Experience with PostgreSQL, MySQL, and MongoDB (including HA setups, replication, backup strategies, and performance tuning).
- Networking & Infrastructure: Solid understanding of networking fundamentals, including DNS, load balancing, CDN, firewalls, and network segmentation.
- Monitoring & Observability: Hands-on experience with monitoring and observability tools such as Prometheus, Grafana, ELK Stack, CloudWatch, or equivalent platforms.
Nice to Have
- Experience working in fintech, payments, or regulated industries
- Prior involvement in security audits and coordination with external assessors
- Knowledge of zero-trust architecture or security platform engineering
- Mentoring or leading other DevOps / security engineers
Benefits
- Own and shape the security architecture of a modern fintech platform
- Work on AI-driven products with real-world security impact
- High level of technical autonomy and ownership
- Opportunity to influence security strategy, tooling, and engineering culture