The DevSecOps Engineer will play a critical role in ensuring the security and integrity of information systems within FSI. This position is based in Hong Kong and requires a strong understanding of information security principles and practices.
Client Details
This role is with a large organization within financial institution service. The company is well-established and known for its focus on technological innovation and delivering high-quality services to its customers.
Description
As a DevSecOps Engineer, your main responsibilities will include:
- Drive the adoption of DevSecOps practices by integrating security checks, controls, and automation into CI/CD pipelines and software delivery workflows.
- Partner with engineering and platform teams to implement security controls across Infrastructure as Code, container platforms, Kubernetes environments, and cloud services.
- Define and maintain effective approaches for secrets management, vulnerability detection, configuration hardening, and runtime protection across development and production environments.
- Perform security design and architecture reviews for new initiatives and significant changes, providing pragmatic recommendations to reduce risk without slowing delivery.
- Evaluate security risks associated with applications, cloud infrastructure, data flows, AI-enabled components, and network exposure, and support teams in implementing proportionate mitigations.
- Contribute security expertise to incident handling activities, supporting investigation, containment, and lessons-learned improvements to tooling and processes.
- Support assurance activities such as internal reviews, external assessments, and compliance exercises, ensuring findings are addressed through engineering-led remediation.
- Continuously improve security ways of working by refining standards, guidelines, and operational playbooks aligned with evolving technologies and threats.
- Produce clear, outcome-focused security updates and risk insights for senior stakeholders and leadership.
Profile A successful DevSecOps Engineer should have:
- Hands-on experience implementing security within DevOps or platform engineering environments.
- Strong understanding of CI/CD tooling, cloud-native architectures, containers, and Kubernetes, with practical security application.
- Experience conducting lightweight security architecture or design reviews in fast-moving delivery environments.
- Familiarity with identifying and managing risks related to applications, infrastructure, automation pipelines, and emerging technologies such as AI workloads.
- Exposure to audit, compliance, or regulatory-driven environments is an advantage.
- Ability to work collaboratively with engineers while communicating risks clearly to non-technical stakeholders.
Job Offer
- Attractive benefits package.
- Opportunities to work in a large organization within the insurance industry.
- Exposure to innovative technology and security practices in a dynamic environment.
- Supportive company culture with a focus on professional growth.
If you're ready to take the next step in your career, apply now for this exciting opportunity in Hong Kong!
To apply online please click the 'Apply' button below. For a confidential discussion about this role please contact Coco Chan +85225306114.