Logo

DevSecOps Security Expert

OKX
Singapore
Full time

Overview

Department

IT

Job type

Full time

Compensation

Salary not specified

Location

Singapore

Company size

Mature [ 50+ employess ]

Ready to apply?

You're one step away - it takes less than a minute to upload your resume

Resume Assistance

See how well your resume matches this job role with our AI-powered score. By uploading your resume, you agree to our Terms of Service

OKX is seeking a DevSecOps Security Expert to develop and maintain their DAST scanning engine. Responsibilities include optimizing scanning rules, iterating the engine, and developing backend systems.

Requirements

  • At least 5 years of experience in DevSecOps or related field.
  • Familiar with the working principle and practical application of DAST, capable of developing and constructing engines.
  • Solid Golang and/or Java development skills, able to write automated scripts to support vulnerability scanning, vulnerability fixing, and engine optimization.
  • Proficient in DAST engine tools (such as AWVS, Xray, Burp Suite, etc.) for vulnerability scanning, able to customize scanning rules for specific business needs.
  • Able to analyze and handle false positives and false negatives in the DAST scanning engine.
  • Familiar with the principles and repair measures of common web application vulnerabilities (such as SQL injection, XSS, CSRF, file upload vulnerabilities, etc.).
  • Familiar with DevSecOps processes, able to integrate DAST tools and scan engines into CI/CD pipelines.
  • Strong problem analysis ability and technical document writing ability, able to analyze and provide feasible repair solutions based on vulnerability reports.
  • Good communication and teamwork skills, able to work closely with the XFN team to promote the implementation of safety work.

    • Responsibilities

  • Responsible for developing and maintaining the DevSecOps DAST scanning engine.
  • According to complex application scenarios, write and optimize DAST scanning rules to verify the vulnerabilities scanned by the DAST scanning engine and ensure the accuracy of vulnerability scanning and reproduction.
  • Continuously iterate the DAST engine, optimize the scanning process, improve scanning efficiency and detection rate, and enhance scanning coverage.
  • Responsible for designing, developing and maintaining the backend systems of the DevSecOps security team.

    • Benefits

  • Competitive total compensation package.
  • L&D programs and Education subsidy for employees' growth and development.
  • Various team building programs and company events.
  • Wellness and meal allowances.
  • Comprehensive healthcare schemes for employees and dependants.
  • More that we love to tell you along the process!
    • Company
    About
    Academy
    Pricing
    Partnerships
    Legal
    Terms
    Privacy
    Cookies
    Contact
    © All rights reserved.