- DevSecOps, Architecture Review, Solution Review
- FSI, stable and permanent position
About Our Client This role is with a large organization within financial institution service. The company is well-established and known for its focus on technological innovation and delivering high-quality services to its customers.
Job Description As a DevSecOps Engineer, your main responsibilities will include:
- Drive the adoption of DevSecOps practices by integrating security checks, controls, and automation into CI/CD pipelines and software delivery workflows.
- Partner with engineering and platform teams to implement security controls across Infrastructure as Code, container platforms, Kubernetes environments, and cloud services.
- Define and maintain effective approaches for secrets management, vulnerability detection, configuration hardening, and runtime protection across development and production environments.
- Perform security design and architecture reviews for new initiatives and significant changes, providing pragmatic recommendations to reduce risk without slowing delivery.
- Evaluate security risks associated with applications, cloud infrastructure, data flows, AI-enabled components, and network exposure, and support teams in implementing proportionate mitigations.
- Contribute security expertise to incident handling activities, supporting investigation, containment, and lessons-learned improvements to tooling and processes.
- Support assurance activities such as internal reviews, external assessments, and compliance exercises, ensuring findings are addressed through engineering-led remediation.
- Continuously improve security ways of working by refining standards, guidelines, and operational playbooks aligned with evolving technologies and threats.
- Produce clear, outcome-focused security updates and risk insights for senior stakeholders and leadership.
The Successful Applicant A successful DevSecOps Engineer should have:
- Hands-on experience implementing security within DevOps or platform engineering environments.
- Strong understanding of CI/CD tooling, cloud-native architectures, containers, and Kubernetes, with practical security application.
- Experience conducting lightweight security architecture or design reviews in fast-moving delivery environments.
- Familiarity with identifying and managing risks related to applications, infrastructure, automation pipelines, and emerging technologies such as AI workloads.
- Exposure to audit, compliance, or regulatory-driven environments is an advantage.
- Ability to work collaboratively with engineers while communicating risks clearly to non-technical stakeholders.
What's on Offer - Attractive benefits package.
- Opportunities to work in a large organization within the insurance industry.
- Exposure to innovative technology and security practices in a dynamic environment.
- Supportive company culture with a focus on professional growth.
If you're ready to take the next step in your career, apply now for this exciting opportunity in Hong Kong!