DevSecOps Engineer

Powerverse

Kuala Lumpur
Permanent
Full-time

30 days ago

About Us:At Powerverse, we are eEmpowering people and communities to run their lives on sustainable new energy with ease. Our teams Build Products that Matter, and we value being Bold, Responsible, and Trusted.Powerverse is a leader in the growing Energy Management market and is owned by Lightsource bp. We are repowering a smart, connected, electric world that is convenient, economical, and clean. We help companies and consumers benefit from reduced energy prices at lower costs to go green. We make it simpler to shift to an electric world with easier buying, installation, and service journeys by taking away the option overload with our smart AI and automation at the premises.Job Overview:As a DevSecOps Engineer at Powerverse, you will play a key role in designing, implementing, and maintaining secure and efficient cloud and IoT solutions for the energy industry. You will collaborate closely with development, operations, and security teams to integrate security best practices into every stage of the development lifecycle. This position offers an exciting opportunity to work on cutting-edge projects that drive innovation and transformation in the energy sector while ensuring the highest levels of security and compliance.Key Responsibilities:1. DevSecOps Implementation

Design, implement, and maintain DevSecOps processes and practices to ensure the seamless integration of security into development, deployment, and operations workflows.

Automate security controls and compliance checks using configuration management tools, continuous integration/continuous deployment (CI/CD) pipelines, and infrastructure-as-code (IaC) frameworks.
Collaborate with development teams to incorporate security requirements and best practices into software design, coding, testing, and deployment processes.

2. Cloud and IoT Integration:

Implement and maintain security controls, configurations, and monitoring for cloud-based infrastructure and IoT devices to protect against cyber threats and vulnerabilities.
Conduct security assessments and vulnerability scans of cloud environments and IoT deployments, identifying and remediating security issues in a timely manner.
Implement encryption, access controls, identity management, and other security measures to safeguard data and ensure compliance with industry regulations and standards.

3. Incident Response and Threat Detection:

Develop and maintain incident response plans and playbooks to effectively detect, respond to, and recover from security incidents and breaches.

Monitor cloud environments and IoT networks for signs of unauthorized access, malicious activities, and security incidents, leveraging security information and event management (SIEM) tools and threat intelligence feeds.
Investigate security incidents, conduct root cause analysis, and implement remediation actions to prevent recurrence and strengthen security posture.

4. Security Automation and Tooling:

Evaluate, implement, and manage security tools and technologies to enhance security automation, threat detection, and incident response

capabilities. * Develop custom scripts, tools, and integrations to automate security tasks, streamline workflows, and improve operational efficiency.

Stay up-to-date on emerging security trends, technologies, and best practices, continuously evaluating and recommending new tools and techniques to enhance security posture.

Requirements:

Bachelor's degree in Computer Science, Information Security, or a related field; advanced degree preferred.
Proven experience (3 years) in DevOps, software development, or system administration roles, with a focus on security and compliance.

Strong technical expertise in cloud computing platforms (e.g., AWS, Google Cloud), IoT technologies, and containerization (e.g., Docker, Kubernetes).
Hands-on experience with security tools and technologies such as intrusion detection/prevention systems (IDS/IPS), firewalls, vulnerability scanners, SIEM platforms, and identity and access management (IAM) solutions.
Familiarity with security frameworks and standards such as NIST Cybersecurity Framework, CIS Controls, ISO 27001, and GDPR.

Excellent scripting and programming skills (e.g., JavaScript/TypeScript, Python, Bash) for automation and tool development.

Experience deploying and managing SDLC automation tools (e.g., Jenkins, Ansible, Git / Bitbucket, Robot Framework)
Experience implementing CI/CD pipelines.
Strong analytical and problem-solving skills, with the ability to assess complex security issues, prioritize tasks, and drive resolution.
Excellent communication skills, with the ability to effectively collaborate with cross-functional teams and communicate security concepts to technical and non-technical stakeholders.

Why Join Us:Join a dynamic and innovative team that values creativity, collaboration, and customer focus. You will have the opportunity to make a significant impact on our customers' experiences and contribute to the growth and success of our business.If you are passionate about creating meaningful customer experiences and driving customer engagement, we encourage you to apply and be part of our exciting journey!

Powerverse

Apply Now