Senior Cloud Security Engineer

Company Description

At Grab, every Grabber is guided by The Grab Way, which spells out our mission, how we believe we can achieve it, and our operating principles - the 4Hs: Heart, Hunger, Honour and Humility. These principles guide and help us make decisions as we work to create economic empowerment for the people of Southeast Asia.

Job Description

Get to know the team
Join our dynamic Security Engineering Team as a Senior Security Engineer and steer the future of cloud security. If you have experience in cloud engineering, infrastructure automation, integration, and development, we are eager to see what you can bring to our team. We're expanding our regional security presence, offering you the chance to shape some of the most complex architectures and safeguard one of the largest cloud operations in the region.

The Critical Tasks You Will Perform

• Pioneering Projects: Design and build a cutting-edge, secure infrastructure platform to deliver exceptional Grab Services.
• Innovative Environment: Evolve and manage state-of-the-art security tools, including EDR, CNAPP, Vulnerability scanners, and Code Security Scanners.
• Scale with Technology: Spearhead the creation of security automation solutions to boost efficiency and scalability.
• Collaborative Culture: Work closely with cross-functional teams to embed security within the software development lifecycle and CI/CD pipelines.
• Impact and Growth: Drive success by surpassing SLAs, optimizing Security Engineering KPIs, and elevating performance standards.
• Supportive Community: Engage in on-call rotations, ensuring smooth infrastructure operations and leading incident management and troubleshooting efforts.

Qualifications

What Essential Skills You Will Need

• Proven experience in developing and maintaining production systems/applications on any public cloud services (AWS, Azure or GCP)

• Strong programming skills in one of the languages (preferably GoLang or Python)

• Excellent communication and collaboration skills with the ability to work effectively in a fast-paced, team-oriented environment.
   

The Nice-to-Haves:

• Bachelor's degree in Computer Science, Information Technology, or related field with at least 6+ years of security industry experience utilizing web/mobile application security and knowledge of the security / threat landscape.
  Ability to perform automation using Terraform/Ansible/Chef/Puppet, Docker/Kubernetes, and any one CI tools (e.g. Jenkins, Gitlab, Travis CI etc.)

• Experienced in vulnerability management, patching automation, and understanding of VA/PT techniques

• Demonstrated proficiency in setting up and managing CI/CD pipelines, particularly in platforms such as GitLab and Jenkins.

• A strong understanding and experience in the cybersecurity domain, along with relevant security certifications (such as AWS Security Specialty, CCSP, CEH, etc.), would be a significant advantage.

• Experience in Devsecops toolings like SAST and Dependency scanners is a plus.

Additional Information

Life at Grab

We care about your well-being at Grab, here are some of the global benefits we offer:

• We have your back with Term Life Insurance and comprehensive Medical Insurance.
• With GrabFlex, create a benefits package that suits your needs and aspirations.
• Celebrate moments that matter in life with loved ones through Parental and Birthday leave, and give back to your communities through Love-all-Serve-all (LASA) volunteering leave
• We have a confidential Grabber Assistance Programme to guide and uplift you and your loved ones through life's challenges.

What we stand for at Grab

We are committed to building an inclusive and equitable workplace that provides equal opportunity for Grabbers to grow and perform at their best. We consider all candidates fairly and equally regardless of nationality, ethnicity, religion, age, gender, family commitments, physical and mental impairments or disabilities, and other attributes that make them unique.