DevSecOps - Xsolla
View Company Profile- Job Title
- DevSecOps
- Job Location
- Kuala Lumpur, Malaysia
- Job Description
- We’re searching for a proactive and experienced DevSecOps Engineer who thrives on solving complex information security issues and building innovative security processes from the ground up. At Xsolla, you’ll have the chance to implement secure practices, enhance CI/CD pipelines, and collaborate closely with DevOps and Developer teams to ensure our infrastructure and development processes are secure and scalable. You’ll be responsible for automating security measures, driving process improvements, and staying ahead of infrastructure vulnerabilities. If you’re passionate about Linux administration, cloud infrastructure, and implementing cutting-edge security solutions, this is your opportunity to leave your mark in the dynamic world of gaming. Join us and be a key player in securing the future of our digital infrastructure!RESPONSIBILITIES
- Implement and maintain secure software development lifecycle (S-SDLC) processes.
- Conduct internal audits of the company's infrastructure and perimeter security.
- Develop and automate Infrastructure as Code (IaC) and Policy as Code practices.
- Enhance CI/CD pipelines with robust security measures and tools, including SAST and DAST.
- Collaborate with product development, DevOps, and IT teams to identify vulnerabilities and implement process improvements.
- Research, introduce, and integrate new tools tailored to our infrastructure needs.
- Present and drive process improvement plans for the development teams, influencing secure coding practices.
- Participate in security architecture assessments for new services and support teams in containerizing applications.
- Conduct and develop training events to educate developers on security best practices.
REQUIREMENTS- Strong expertise in Linux administration and Gitlab CI/CD.
- Hands-on experience with popular CI/CD security tools (SAST, DAST, etc.).
- Familiarity with containerization technologies like Docker and Kubernetes (k8s), with an understanding of concepts such as ingress, pods, and services.
- Knowledge of cloud infrastructure providers (GCP, AWS, Azure) and experience securing cloud environments.
- Ability to configure and debug Nginx—understanding of the difference between proxy_pass and upstream, and how HTTP protocols and TLS/SSL work.
- Knowledge of PHP and its integration within secure pipelines is a plus.
- Ability to collaborate and influence cross-functional teams, particularly DevOps and Developers.
- Familiarity with typical infrastructure attacks and a solid understanding of threats vs. risks.
- Self-starter with strong initiative, ready to experiment with and explore new tools and technologies.
- Excellent communication skills to advocate for security improvements across teams.
- Upper-intermediate oral communication in English or higher.
Everything You Need, One Platform.
From job listings to startups, investors to funding rounds, and everything in between, Employbl puts the power in your hands. Why wait?
Start your free trial today!Stay Ahead of the Curve
Sign up for our newsletter to stay informed about the latest startups and trends in the tech market. Let Employbl be your guide to success.
Xsolla Company Size
Between 490 - 1,000 employees
Xsolla Founded Year
2005