Reports to: Infrastructure Manager – DevOps and Modernization
To act as the DevSecOps subject matter expert (SME) in the DevOps team, managing operations to optimize and govern the cloud security architecture and standards, including but not limited to infrastructure, network, application and database.
To act as the security and application quality SME in the site reliability team, managing high severity IT B2C/B2E web/mobile incidents. To collaborate with IT teams of different domains to ensure proper cloud security design is in place.
- Provide vulnerability assessments of customer’s cloud assets, deliver remediation recommendations, and provide knowledgeable assistance in resolving identified vulnerabilities.
- Develop, drive, implement and optimize the dev-sec-ops process and automated pipeline to improve end-to-end security, in line with a passionate DevOps team
- Manage high severity IT B2C/B2E web/mobile cloud security incidents during office and non-office hours.
- Define and champion the use of the security architecture, standards, procedures and best practice
- Ensure the application team fully understands, follows and champions the application architecture, technology standards and patterns as defined within Information Management
- Monitor and ensure compliance with corporate control standards for quality and security
- Interface with other IT areas, sharing technical security knowledge and expertise, and resolving issues as necessary, using specialist information to enable others to deliver
- Provide technical leadership and escalation support for the resolution of incidents and problems within the production, staging and test environments
- Provide expert level support in the area of technical specialization, ensuring prompt and accurate resolution of challenges
- Communicate the proposed security solutions to the stakeholders and help to guide decisions regarding trade-offs that impact the requirements
- Provide technical advice to Information Management (IM) colleagues on the secure use of the cloud infrastructure and the integration of various business applications onto the Cathay Pacific infrastructure
- Show initiative and make time available to ensure general technical security competencies and specializations are kept up to date in line with industry developments for self and team
- Technical degree holder with minimum of 6 years IT experience, at least 2 years of DevOps / DevSecOps experience
- Must have professional competency in B2C/B2E web/mobile infrastructure, network, application and database components, with a broad understanding of other current and emerging technologies
- Passion for the latest bleeding-edge technologies related to security, with a proven track record in leading technology evaluation and adoption.
- Experience in performing security vulnerability assessments, knowledge of regulations like PCI and SOX, and may have a CISSP or equivalent security accreditation.
- Ability to listen and articulate ideas verbally, and in the written form, to a broad range of audiences; ability to ask probing questions and deliver presentations
- Well-developed analytical, problem-solving, decision-making and critical thinking skills, leveraging both logic and creativity; strong troubleshooting and root cause analysis skills; ability to identify patterns and generate informed ideas
- Sound knowledge and experience in some of the areas below:
  - Dev-ops / dev-sec-ops implementation and operation
  - Infrastructure configuration and management of middleware servers (e.g. Tomcat Application Server, Adobe Experience Manager, Oracle Database, etc.)
  - Infrastructure configuration and management of open source platforms and software (e.g. Linux, Nginx, Apache, MySQL, MongoDB and Redis, etc.)
  - Implementation and operation of public cloud services and their managed services (e.g. AWS, Azure and Google Cloud and their security groups)
  - Network design, configuration and monitoring (e.g. VPC, ELB and IPSec, etc.)
  - Deployment automation, orchestration, and monitoring tools (e.g. Docker, Kubernetes, Jenkins, Ansible, Terraform, Kibana, Cloud Foundry and AppDynamics)
  - Application design and database design
- Knowledge and experience of professional software engineering practices & best practices for the full software development life cycle, including coding standards, code reviews, source control management, build processes, testing, and operations
- Experience developing software foundations and environments for application development. Good understanding of technology concepts, trends and capabilities.
- Experience in highly available, highly scalable and highly secure architectures
- Willing to be involved in application development.
- Occasional non-office hour work will be required to support the smooth operation of B2C/B2E web/mobile cloud infrastructure and application environment.
Personal & Application Information
Cathay Pacific is an Equal Opportunities Employer. Personal data provided by job applicants will be used strictly in accordance with our personal data policy and for recruitment purposes only. Candidates not notified within eight weeks may consider their application unsuccessful. All related information will be kept in our file for up to 24 months. A copy of our Personal Information Collection Statement will be provided upon request by contacting our Data Protection Officer.
Please note that with effect from 1 December 2021, all employees must be vaccinated in order to access Cathay City and all other Cathay Group Company premises in Hong Kong. Consideration will be given to those who are unable to get vaccinated for valid medical reasons.