DevArchitect
← Back to jobs
Laidon Group

DevSecOps Engineer

Laidon Group

ITviec
Vietnam11 days ago
DevSecOpsCI/CDEnglishSAPCloudDevOps
Apply Now

Job Description

Top 3 Reasons To Join Us The Job

Role Overview

The DevSecOps Engineer is responsible for integrating security best practices into our DevOps platforms and product environments. This role operates independently from delivery ownership to ensure objective risk identification, reporting, and mitigation.

You will collaborate closely with DevOps, engineering, and product teams to promote secure development practices while maintaining transparency and governance over security risks.

 

Key Responsibilities

1. Vulnerability Management – DevOps Platforms

  • Track and follow vulnerabilities related to:
    • CI/CD tools (e.g. Jenkins, GitLab, wiki, agents)
    • Container platforms and base images
    • OS packages, middleware, and supporting services
  • Coordinate patching and remediation with DevOps engineers
  • Maintain a central vulnerability follow-up list (with severity and status)

2. Security & Network Review

  • Review and document:
    • Cloud and on-prem network architecture
    • Firewall rules, NAT rules, VPNs, access paths
    • CI/CD system access and segregation of duties
  • Identify security gaps and improvement opportunities
  • Propose remediation actions and track closure

3. Security Standards & Best Practices

  • Promote and enforce secure coding standards
  • Assist development teams in implementing security controls
  • Integrate security testing into CI/CD pipelines (SAST, DAST, dependency scanning)
  • Contribute to security documentation and internal guidelines

4. Reporting & Governance

  • Maintain clear reporting of security risks and remediation status
  • Provide visibility into security posture across platforms and products
  • Escalate critical risks appropriately
  • Ensure security assessments remain independent from delivery timelines
Your Skills and Experience

Required Qualifications

Technical Skills

  • Understanding of DevOps practices and CI/CD workflows
  • Knowledge of application and infrastructure security principles
  • Familiarity with vulnerability management tools
  • Basic understanding of cloud platforms (AWS, Azure, GCP, SAP BTP)
  • Awareness of container technologies (Docker, Kubernetes)
  • Understanding of secure coding practices

Soft Skills

  • Strong analytical and problem-solving skills
  • Clear and effective communication abilities
  • Ability to collaborate cross-functionally
  • High level of integrity and objectivity
  • Eagerness to learn and grow in the DevSecOps domain

Preferred Qualifications

  • Experience integrating security tools into CI/CD pipelines
  • Familiarity with security frameworks (ISO 27001, OWASP, NIST)
  • Relevant certifications (e.g., Security+, CEH, DevSecOps-related credentials)
Why You'll Love Working Here
  • 15 days of annual leaves
  • Competitive salary (+13-month salary include) 
  • Health insurance, social insurance according to the government regulations 
  • PVI Healthcare Insurance 
  • Have a chance to work in an international, friendly, open environment 
  • Annual Travel opportunity

Benefits

  • 15 days of annual leaves
  • Competitive salary (+13-month salary include) 
  • Health insurance, social insurance according to the government regulations 
  • PVI Healthcare Insurance 
  • Have a chance to work in an international, friendly, open environment 
  • Annual Travel opportunity