DevSecOps Engineer

A Little Bit About Us!

At Snoonu, we believe that technology has the power to make anything possible.

Our Vision: To be the first Qatari Super App that propels the region and its community through innovation and technology. We envision a global expansion where what we do surpasses norms and limitations every time.

Our Mission: To radically transform how people live by leveraging technology to connect them with endless possibilities.

Values We Live By:

• Be Customer Obsessed: “Focus on the customer and all else will follow."
• Act with Integrity: “We are honest, ethical, and trustworthy in everything we do."
• Be Curious and Creative: “We constantly innovate and create solutions to bring a lasting positive impact."
• Lead by Example and Take Ownership: “Be the change you want to see and take ownership."
• Work Smart and Deliver Results: “You can do more by doing less, better, and faster."
• It's All About People: “Be a team player; together we are stronger."

Job Overview

We are looking for a skilled DevSecOps Engineer to integrate security practices within our development and operations processes. This role requires expertise in software development, system administration, and cybersecurity, focusing on automating security measures and enhancing the security and reliability of our products. You will bridge the gap between development, operations, and security, playing a vital role in building resilient systems and optimizing our security strategies.

Responsibilities

• Security Integration: Embed security throughout the Software Development Life Cycle (SDLC) and CI/CD pipelines, ensuring automated security testing and vulnerability scanning.
• AWS Security Management: Configure and manage AWS security controls, including GuardDuty, Security Hub, Inspector, Config, CloudTrail, and WAF.
• Toolset Management: Oversee security code scanning tools and maintain our application security scanning toolset.
• Collaboration: Work closely with development and operations teams to integrate security with minimal disruption, and promote security best practices.
• Continuous Learning: Stay updated on the latest security threats, vulnerabilities, and industry trends, applying this knowledge to improve our security posture.

Qualifications Basic:

• 3+ years in a related role, with proven experience in DevOps, security, and cloud infrastructure (especially AWS).
• Strong technical expertise with a wide range of DevSecOps tools and AWS security services.
• Familiarity with information security frameworks and standards such as OWASP, NIST, and ISO27001.
• Extensive knowledge of API Security, Container Security, and AWS Cloud Security.
• Excellent analytical abilities and strong interpersonal skills to communicate technical information clearly at all levels of the organization.

Good to Have:

• Experience with SIEM, SOC, Nessus, or similar services.
• Familiarity with security automation processes and machine learning applications in security.
• Relevant security certifications such as AWS Certified Security, CISM, CISSP, or equivalent.