Cloud Security Engineer

Company Description

Life at  Grab

At Grab, every Grabber is guided by The Grab Way, which spells out our mission, how we believe we can achieve it, and our operating principles - the 4Hs: Heart, Hunger, Honour and Humility. These principles guide and help us make decisions as we work to create economic empowerment for the people of Southeast Asia.

Job Description

Get to know our Team:
When you're an engineer at Grab, you are part of the heart and soul of the company. Our passion is anchored in the work that we do, and this is reflected in the impact we make on millions of lives on a daily basis. Our team is empowered by creating amazing services and tools that serve millions of passengers, driving partners, and fellow Grabbers.

You’ll be part of a team that is responsible for the Security of Grab Cloud platform which is one of the largest deployments in the region. 

Get to know the role:
We are looking for a Cloud Security Engineer to take a lead on the infrastructure security engineering initiatives. We believe a successful candidate has cloud engineering, infrastructure automation, integration, and development skills, but if you believe you have what it takes then we’d love to hear from you either way. This role is required because we are expanding our regional infrastructure security capabilities. In return, you will get an opportunity to work with a great team working on complex architectures and managing cloud security of one of the largest cloud deployments in the region.

The day-to-day activities:

• You will utilize technology to address clearly defined problems, constructing individual components or features based on specific tasks. You will grasp the project requirements thoroughly and apply this understanding to your designs. You will maintain a comprehensive knowledge of your codebase and systems, ensuring reliability through design reviews, monitoring, alerting, and adherence to Operational Excellence (OE) standards.

• You will take ownership of your code, ensuring it is readable, maintainable, and thoroughly tested. You will apply suitable data structures and algorithms effectively. You will provide clear, actionable feedback during code reviews and respond constructively to feedback from peers.

• You will address issues promptly and keep your team consistently informed. You will deliver tasks on schedule and with high quality, articulating your solutions effectively to other technical stakeholders through both verbal and written communication.

• You will ensure that container environments are inherently secure, allowing for swift remediation of newly detected vulnerabilities with minimal effort.

• You will integrate vulnerability detection and alert systems into container build pipelines, empowering engineering teams to prevent the introduction of known vulnerabilities into production environments.

Qualifications

The must haves:

• Proficient in deploying public cloud services in AWS, Azure, or GCP.

• Comfortable to code in at least one high-level programming language - Java, Python, or Golang 

• Solid understanding of Computer Science fundamentals in algorithms and data structures.

• Committed to maintaining a strong set of software engineering skills.

• A good understanding of clean architecture principles.

• Experience with web frameworks and understanding of RESTful APIs.

• Excellent problem-solving skills and attention to detail.

• Strong communication and teamwork skills.

• Knowledge of Kubernetes for container orchestration and management

Good to have:

• 1+ years of relevant experience developing and maintaining production systems/applications
• Ability to perform automation using Terraform/Ansible/Chef/Puppet, Docker/Kubernetes, and any one CI tools (e.g. Jenkins, Gitlab, Travis CI etc.)
• Good working knowledge of Cloud Security and understanding of Security Operations, DevSecOps, or Security Automation

Additional Information

Our Commitment

We recognize that with these individual attributes come different workplace challenges, and we will work with Grabbers to address them in our journey towards creating inclusion at Grab for all Grabbers.