DevSecOps Engineer, Infrastructure Security

🧾 Position Summary

• Title: DevSecOps Engineer, Infrastructure Security
• Location: Remote (with a Taiwan base)
• Type: Full-time
• Focus: Cloud security, infrastructure hardening, DevSecOps automation

💼 Role Overview

This position is ideal for someone with a strong cloud security and DevOps background, who can balance technical depth with simplicity and automation. You’ll be responsible for implementing secure infrastructure patterns across AWS (or similar), developing primitives, analyzing logs, and supporting pen testing initiatives.

🧠 Key Responsibilities

• Design and implement secure infrastructure patterns (e.g., AMIs, Bastion Hosts, air-gapped environments)
• Use security analytics to identify intrusion patterns and attacker behavior (via logs)
• Conduct vulnerability and risk assessments and enforce secure permission structures
• Support penetration testing activities and anomaly detection
• Enhance DevSecOps pipelines and cloud-native security tooling

✅ Core Requirements

• Cloud Security: Deep AWS or other cloud platform expertise
• Operating Systems: Proficient with Linux systems (GNU/Linux)
• Development: Comfortable coding in Python, JavaScript, or Go
• CI/CD: Experience with security automation, especially using GitHub Actions
• Security Knowledge: Familiar with secrets management, runtime protections, and network segmentation
• Container Security: Docker + Kubernetes experience
• Language: Proficiency in Mandarin is required for collaboration with team members

🧩 Nice-to-Haves

• Expertise in Terraform (IaC)
• Experience with security scanning tools, compliance frameworks, and both static/dynamic analysis
• Familiarity with zero-trust architectures and DevSecOps methodologies

🧰 Tools and Tech Likely in Use (Inferred)

• Cloud: AWS (EC2, IAM, VPC, etc.)
• Security Tools: Vault, Falco, Snyk, Trivy, Aqua, Twistlock
• IaC: Terraform, AWS CDK
• Containers: Docker, Kubernetes (EKS)
• DevOps Pipelines: GitHub Actions, Jenkins
• Log/Monitoring: CloudWatch, ELK, Prometheus + Grafana, custom anomaly detection

📈 Why This Role Matters

This role is critical to Binance’s infrastructure security posture, and touches everything from low-level OS hardening to automated anomaly detection in a high-stakes financial tech environment. You’ll help design scalable security architecture across a global cloud footprint.