Director, Dev Ops, DevSecOps (IT)

JOB SCOPE

Summary of Job Responsibilities

DevOps is responsible for integrating developer experience, infrastructure and technology operations support to enhance software development and deliver solutions inclusive of gaming related systems to achieve Sands business objectives.

Job Responsibilities

The primary responsibility of the Director of DevOps  is to oversee the technology providing infrastructure,  security, administration, configuration, troubleshooting, automation and security analysis of solutions within Sands.

The DevOps function will deploy and support cloud and on-premises infrastructure and services to meet the requirements of business or IT initiatives. The team will develop, maintain and execute infrastructure as code scripts and playbooks to automate deployment and maintenance tasks to ensure the availability, reliability, and efficient operation of the enterprise systems.

The Director will identify the optimal cloud-based solutions, ensure best practice security measures are applied to the solutions, and troubleshoot complex issues through root cause analysis.  The position demands someone who is highly technically competent, detail oriented, and driven to stay current with evolving technologies.

In this role, the Director will be responsible for managing the team of DevOps Engineers, and AppSec Engineers responsible for overall technical security posture of developed applications and infrastructure.

The DevOps team will work closely with the Corp IT and Corp Cyber Security leadership in coordinating the strategy, architecture and security initiatives and all auditing activities across all team activities.  A key part of the position is supporting compliance efforts related to secure SDLC processes and infrastructure

All duties are to be performed in accordance with departmental and Sands’ policies, practices, and procedures.

JOB REQUIREMENTS

Education & Certification

• Bachelor's degree required.

Eligibility

• Evidence of right to work in local jurisdiction (Singapore)
• Ability to obtain jurisdictional gaming license as required (GRA)

Years of Experience

• 10-15 years of relevant work experience

Communication Skills

• Ability to effectively communicate with both technical and non-technical peers and business stakeholders, as well as executive level management.
• Ability to communicate clearly in a multicultural, multinational environment and in cross-functional matrixed teams.
• Exceptional verbal and written communication skills
• Ability to read Chinese a plus.
• Presentation skills and an ability to engage audiences at the highest levels of the organization.

Business Acumen and Analytical Skills

• Understanding of business processes and basic corporate finance, management, and accounting principles
• Deep understanding of hospitality and gaming business processes and compliance constraints
• Demonstrates strategic thinking in a highly complex environment.
• Exceptional analytical, statistical, quantitative, and deduction skills
• Leads, influences, and mentor’s others.
• Demonstrates pragmatic judgment.

Behavioral Traits

• Strategic leadership abilities
• Excellent interpersonal skills
• Demonstrates a strong attention to detail.
• Ability to build relationships and work well across functions.
• Ability to work independently, self-manage, and engage collaboratively with a team.
• Demonstrates the capacity to manage changing priorities and ambiguity.
• Establishes goals, monitors progress toward them, and ultimately achieves these goals.
• Retains objectivity and proper understanding of a problem or situation when placed under conditions of stress.
• Willingness to travel internationally.

Security and Privacy

• Knowledge of secure coding best practices and security framework standards: NIST, COBIT, ISO.
• Experience architecting solutions that comply with compliance regulations such as: PCI, GLBA, SOX, Basel III
• Experience implementing controls for privacy legislation such as: HIPAA, COPPA, FCRA, GLB and GDPR

Technology Skills Requirements

• Proven experience of leading DevOps and DevSecOps groups
• Experience in cloud based containerized environments (Kubernetes, Docker)
• Deep technical experience of securing, monitoring and maintaining infrastructure for in-house developed applications
• Knowledge of 3rd party library security scanning, static code scanning, code hygiene, dynamic code scanning,
• Knowledge of container security, AWS EKS, Azure AKS, Helm
• Knowledge of IAM, cloud trail, guard duty, WAF, SDLC practices, basic scripting skills
• Experience with common programming and scripting languages, such as Golang, Ruby, C/C++, C#, Python, JavaScript, Bash
• Latent desire and/or curiosity in related domain like software development, front-end engineering, security or project management
• Familiar with designing solutions to complex technical issues and working with other technology or cyber security experts, including architects and vendors.
• Resolves any technical problems discovered by DevOps, development, or testers and any internal clients.
• Provide deep subject matter expertise across multiple disciplines including IT infrastructure, security, business application and system integration.
• Familiar with cloud offerings including, but not limited to, Alibaba, Amazon Web Services, Azure, and Google Cloud Platform.
• Knowledge of Agile software development principles, Continuous Integration and Deployment (CICD), and DevOps
• Knowledge of software vulnerabilities and remediation (OWASP/SANS CWE)
• Experience implementing identity strategies and application integrations including LDAP, Kerberos, SAML, OAuth, OpenID Connect
• Experience in developing secure Integration APIs, GraphQL and deployment on API Gateways such as Azure APIM GW, MuleSoft API GW etc.
• Ability to perform technical due diligence on platforms and solutions when limited or no documentation is available.
• Ability to grasp wide range of technologies from IOT, Edge, Datacenter, and cloud to offer solutions.