Senior DevSecOps Engineer
Lucid Motors
- Riyadh
- Permanent
- Full-time
- Responsible for implementing various Security Postures on OCI and other Cloud Providers in the region of Saudi.
- Responsible for detecting, remediating and preventing the software security threats in Cloud Services deployed across global regions
- Implement security tools but not limited to code scanners such as SAST, DAST & API to proactively prevent software security vulnerabilities from being elevated to production
- Enable CI/CD processes to detect security vulnerabilities at code development.
- Enforce remediation strategy by inspecting the threat, analyzing the impact and taking action with sense of urgency.
- Apply security Patches to OCI and Cloud Services as new threats are discovered.
- Implement security guardrails that prevent security vulnerabilities while provision Cloud Infrastructure and Cloud services.
- Monitor and Alert threats as discovery by security tools on OCI and by Prisma Cloud.
- Work on various Cloud Infrastructure initiatives to address security gaps on OCI by securing ALBs, NLBs and Application Endpoints that are access from Mobile App and Lucid vehicles
- S. or M.S. degree in Computer Science, Engineering.
- 6+ years of experience in implementing DevSecOps on multiple cloud providers such as AWS, GCP, OCI, Azure and others with Hands-on coding ability to code security postures.
- 2+ years of in-depth experience in building secure cloud-based solutions, enabling security policies, and implementing tools & services on Private or Public Cloud Providers
- 2+ years of experience in using Terraforms, Ansible and other tools to automate IaC that is testable and easy to maintain and manage for diverse environment needs.
- 3+ years of experience in using Kubernetes or other deployment orchestrator and management mechanisms.
- 3+ years of experience in building CI/CD processes and pipelines to enable 1-click and self-managed deployments.
- 3+ years of experience in providing security postures to big-data solutions, API Gateways and Microservices used in IoT space.
- Ability to go above and beyond to support the team when in crisis and willing to participate on team's on-call rotation to support the production.