(Sr.) Staff DevSecOps Engineer

The RDSec Team at Trend Micro is seeking a (Sr.) Staff DevSecOps Engineer to enhance the efficiency and security of the product development lifecycle. This role involves collaborating with product development teams to guide product releases using advanced DevOps and security solutions. Key responsibilities include designing and implementing secure CI/CD processes, analyzing existing toolchains, providing consultancy on release processes and code security, and researching new industry technologies. The engineer will also lead projects to improve security and efficiency, and integrate AI into development workflows for enhanced code review, automated testing, and continuous integration.

Must Have

• Design and implement secure CI/CD processes and artifact management.
• Analyze existing CI/CD processes and provide security toolchain consultancy.
• Collect, consolidate, and analyze DevSecOps requirements for product teams.
• Research new industrial technologies in DevOps and security solutions.
• Initiate and lead projects to enhance product release security and efficiency.
• Integrate AI into development workflows for efficiency and security.
• Bachelor’s degree in computer science or related field with 7+ years experience.
• Solid knowledge of Python, JavaScript, or GoLang.
• Experience with DevSecOps, CI/CD pipelines, infra as code, and SaaS operation.
• Proven experience integrating AI into development workflows.
• Familiarity with public cloud and Docker solutions like AWS, Azure, K8s, EKS.

Overview

RDSec Team is committed to continuously improving the efficiency and security of Trend Micro product development lifecycle. This job is to work with Product Development team, guide the release of products or services with the advanced knowledge of DevOps tool chain in security solution. You will have chance to design and implement the complex and secure release pipeline for production, which is related to secure CI/CD, secure operation, code security, Cloud, Infra as code, data analysis, etc.:

Responsibility

1. Design and implement the secure CI/CD process and artifacts management with multiple systems (GitHub, Fortify, Black Duck, AWS/Azure, JFrog, K8S…)

2. Analyze the existing CI/CD process and tool chain, understand the pains or needs of the product teams, and then provide advanced release process, code security and security tool chain consultant service to the teams.

3. Collect, consolidate and analyze the products DevSecOps requirement and design the detail solution.

4. Research the new industrial technologies in DevOps tool chain and security solution. And prove their end-to-end value.

5. Initiate and lead project to enhance the security and efficiency for the product release and operation.

6. Integrate AI into development workflows to enhance efficiency and security, including the use of AI for code review, automated testing, and continuous integration.

Qualification/Requirement

• Bachelor’s degree in computer science, software engineering or related fields AND 7+ years of experience in software development or equivalent work experience.
• Solid knowledge of either one of backend programming such as Python, JavaScript, GoLang.
• Good Experience with DevSecOps including automated CI/CD pipelines, infra as code, security enforcement and SaaS operation.
• Proven experience in integrating AI into development workflows, including the ability to design structured prompts, validate AI outputs, and iteratively refine AI-assisted processes.
• Familiar with the public cloud and docker solution like: AWS, Azure, K8s, EKS, etc.
• Strong communication and collaboration skills, with the ability to work on the cross team and cross site solutions.
• Official project and team leader experience is a plus.
• Excellent problem-solving and analytical skills, with a proactive and results-oriented mindset.
• Continuous learning mindset, with a passion for keeping up with industry trends and technologies.