Senior Devsecops

job description

**Senior DevSecOps / SRE**:

- Remote, Singapore, Phnom Penh, Bali, Yerevan
- Software Engineering
- Tech Lead, Software Engineer, Solution Architect, DevOps
- Web Frontend, Agile Practices, Backend, Cloud Computing, QA & Testing

**About Slash**

Slash is a hi-tech startup studio with a mission to build tech products that change the world. Our clients are global. In addition, we build and invest our own startups and commercialize them through joint ventures in ASEAN and Europe. We work on a wide-range of technologies: web, mobile, AI, blockchain, cloud, microservices & middlewares, security & infrastructure, etc.
Slash has headquarters in Singapore and community-oriented R&D hubs in Phnom Penh, Yerevan, Bali, Yogyakarta, Jakarta and Bandung. We are a team of 50+ entrepreneurs, engineers, hackers, and full-stack developers with unique capabilities in web, mobile, AI, and Blockchain.

**Role and responsibilities, and how will the role impact Slash?**

Slash is looking for a dynamic Senior DevSecOps / SRE to help us stay at the cutting-edge of software development. If you’re into dockers, kubernetes, CI/CD pipelines, GitOps, security, architecturing, automating, monitoring and securing cloud infrastructure on AWS Cloud, this is for you.
You will be a thought leader in the company to:

- Lead the advancement of DevOps and SRE processes and standards across our clients.
- Provide technical guidance and mentorship to cross-functional teams, ensuring successful product delivery.
- Stay up-to-date with the latest DevOps and SRE trends and tools to drive innovation and improvement.
- Take ownership of implementing best practices for reliability, scalability, and security.
- Collaborate with solution architects, scrum masters, developers, and clients to strategize and implement effective solutions.
- Drive the establishment and maintenance of CI/CD pipelines, from dependency management to deployment.

**How do you know if you are a good fit?**
- Bachelor’s degree in Computer Science and Engineering or a related field, or equivalent experience.
- 5+ years of professional experience as a DevOps Engineer or Site Reliability Engineer.
- Experience in managing a small team of DevOps / SRE engineers in an Agile environment.
- Strong AWS hands-on experience including preferably (but not limited to): Well architected framework on managing multiple AWS accounts, managing multiple production EKS clusters, EC2/Autoscaling, Load balancer, Secret Manager/KMS, measuring and delivering CIS compliance of a multi-region, multi-account platform.
- Certified AWS Solution architect associate/professional level and/or Certified Security Specialty is a good bonus.
- A strong bonus would be experience on Global or multi region architecture design knowledge with AWS Global accelerator or multi region setup on EKS, Networking (VPC, Subnet, Peering, Transit Gateway, Route53)
- Strong knowledge or experience in setting Secure and Reliable design and tools for AWS cloud such as: AWS Inspector and GuardDuty, Well architected on DNS security, VPC (Security group, NACL), WAF, Firewall, data access, least privilege, need-to-know, strong with IAM and policy. Able to design the secure solution involving networking, encryption, secret management, dns security, data privacy, ensuring availability, resilient, secure.
- Ability to review the resources and provide input on security points to improve. Awareness of risk as a key drive for Availability, Reliability and Security
- 3-5 year hands-on experiences with containerization (Docker, EKS, Kubernetes): managing multiple EKS workload, debugging and troubleshooting with EKS/Kubernetes, Helm chart usage, best practice on kubernetes.
- Hands on experience securing a Kubernetes environment
- Experience in setting Strong CI tools and flow preferably using CircleCI workflow, context, orbs.
- Experience integrating security into the development process and CI/CD pipelines to find and fix security vulnerabilities early in the development lifecycle including SAST and DAST tooling
- Experience in Infrastructure As Code (IaC), preferably using Terraform for AWS: Terraform cloud workspace, state management, terraform module (KMS, EKS, VPC, etc ), creation of custom module, and setup for multiple account and environment
- Experience in Observability and Monitoring using Datadog, Elastic Cloud Observability, AWS Cloudwatch, CloudTrail and integrating third party threat monitoring tools with AWS.
- Experience in using one or multiple artifacts repository management (Artifactory Jfrog, NPM repository, Helm Chart repositories, etc)
- Java knowledge and troubleshooting experience in a Microservice environment would be a great plus.
- Programming experience or knowledge in NodeJs, Python, Go are a plus
- Strong expertise in software development and agile methodologies, with full-stack software development experience as a plus.
- Ability to strategize and weigh options, considering pros and cons of new