DevSecOps Engineer, Infrastructure Security
Binance is a leading global blockchain ecosystem behind the world’s largest cryptocurrency exchange by trading volume and registered users. We are trusted by over 280 million people in 100+ countries for our industry-leading security, user fund transparency, trading engine speed, deep liquidity, and an unmatched portfolio of digital-asset products. Binance offerings range from trading and finance to education, research, payments, institutional services, Web3 features, and more. We leverage the power of digital assets and blockchain to build an inclusive financial ecosystem to advance the freedom of money and improve financial access for people around the world.
We are looking for a seasoned Infrastructure Security Engineer (DevSecOps) professional to join our ranks and help us to secure and automate our platform. The ideal candidate can not only handle complex technical challenges, but also have the ability to make things simple and intuitive. You should have an aptitude for identifying technical debt and the ability to standardize processes and systems in zero-trust fashion.
In this role, you will be responsible for leading the design and implementation of security solutions for our cloud-based infrastructure. You will work closely with other teams to ensure our services are secure and compliant with industry best practices.
As a Infrastructure Security Engineering professional at Binance, you will have the opportunity to work on some seriously cool projects and make a real impact on the security of our platform.
We are looking for team members who are passionate about security, DevSecOps and excited to be a part of a fast-paced, innovative organization.
Responsibilities
- Implement new, and update existing security measures for the protection of Binance.com infrastructure.
- Generate primitives (AMI, Bastion Instance, Air Gapped deployment, etc) for secure infrastructure.
- Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers.
- Provides solutions to audited access, risk assessments in permission escalation, and vulnerability assessments.
- Build models for anomaly detection and identify on-going pen testing.
Requirements
- A strong background with AWS or other cloud technologies.
- Deep expertise with GNU/ Linux systems.
- Previous development experience, preferably in Python, JavaScript or Go
- Experience with security automation and continuous integration/continuous delivery (CI/CD) pipelines, including experience with Github ActionsFamiliarity with cloud-native security tools and practices, such as Secrets management, runtime protection, and network segmentation.
- Experience with security best practices and services in cloud.
- Experience with containerization technologies, such as Docker and Kubernetes.
- Strong problem-solving and analytical skills.
- Bilingual English/Mandarin is required to be able to coordinate with overseas partners and stakeholders.
Nice to Have
- Extensive experience with Hashicorp Terraform.
- Experience with security tools and technologies, such as vulnerability scanners, security compliance frameworks and static/dynamic analysis.
- A deep understanding of security best practices, including secure infrastructure, security automation, and DevSecOps methodologies.
Originally posted on Himalayas
Apply To this Job