DevSecOps

We are looking for a DevSecOps Engineer who will be responsible for building, securing, and optimizing the cost of AWS infrastructure, while ensuring compliance with security standards such as ISO 27001.
This position serves as a bridge between Development – Operations – Security, helping the system achieve high efficiency, safety, and cost-effectiveness.

CI/CD & Automation

• Design, implement, and maintain CI/CD pipelines (GitLab CI, Jenkins, GitHub Actions, ArgoCD).
• Integrate security checks (SAST, DAST, SCA, container scanning) into the pipeline.
• Build automated build/deployment processes with safe rollback and change control mechanisms.
• Manage infrastructure using Infrastructure as Code (Terraform, Ansible, CloudFormation).

Security

• Integrate security into the software development lifecycle (Shift-left security).
• Manage secrets, credentials, and certificates (Vault, AWS Secrets Manager).
• Implement and monitor security policies for containers/Kubernetes (NetworkPolicy, PodSecurityPolicy, Image Signing).
• Collaborate with the Security team to remediate vulnerabilities and ensure compliance with OWASP, CIS Benchmark, and ISO 27001:2022.
• Support preparation of evidence and logs for internal and third-party audits.

Network Security

• Design and secure the VPC layer, subnets, routing, security groups, NACLs, VPN, and load balancers (ALB/NLB).
• Configure WAF, IDS/IPS, and monitor network traffic (GuardDuty, VPC Flow Logs, CloudTrail).
• Manage firewall rules and network segmentation following Zero Trust or Defense-in-Depth models.
• Ensure systems meet requirements for network isolation, DDoS protection, TLS encryption, and secure connectivity across environments.

AWS Infrastructure & Cost Optimization

• Monitor and analyze AWS costs, propose optimization solutions (right-sizing, autoscaling, spot/reserved instances).
• Manage cost dashboards and set up threshold alerts (AWS Budgets, Cost Explorer, CloudWatch).
• Optimize storage, networking, and compute resources according to AWS Well-Architected Framework recommendations.
• Balance security, performance, and operational costs effectively

• Graduated from a full-time university program majoring in IT or related engineering fields.
• Proactive security mindset with strong attention to risk prevention.
• Passionate about automation and cost optimization, with a drive for continuous improvement.
• Responsible, detail-oriented, and able to collaborate effectively with multiple teams (Dev, Infra, Compliance).
• Keeps up to date with the latest security standards, tools, and threat trends

• Minimum of 3 years of experience in DevOps / DevSecOps / Cloud Engineering.
• Proficient in AWS (EC2, ECS/EKS, RDS, S3, IAM, VPC, CloudWatch, GuardDuty, WAF).
• Experience in designing and operating secure CI/CD pipelines.
• Strong understanding of network security, firewall, VPN, TLS/SSL, DNS, reverse proxy, and load balancing.
• Solid knowledge of ISO 27001 controls (A.5 – A.18), especially related to:
  • Access control
  • Operations security
  • Communications security
  • System acquisition, development, and maintenance
• Experience in AWS cost optimization (Cost Explorer, Compute Optimizer, Budgets, FinOps practices).
• Familiarity with OWASP Top 10, CIS Benchmark, and least privilege principles in cloud environments.
• Proactive security mindset with strong attention to risk prevention.
• Passionate about automation and cost optimization, with a drive for continuous improvement.
• Responsible, detail-oriented, and able to collaborate effectively with multiple teams (Dev, Infra, Compliance).
• Keeps up to date with the latest security standards, tools, and threat trends

• Experience with ArgoCD, Vault, SonarQube, Trivy, Prometheus/Grafana.
• Knowledge of or certifications in AWS Certified Security / Solutions Architect, CKA/CKAD, ISO 27001 Implementer are strong advantages.
• Experience working in multi-account AWS environments or eCommerce/microservices systems.

• Enjoy full employee benefits including social insurance (BHXH), health insurance (BHYT), trade union membership, annual leave, and performance bonuses according to company policies.
• 14+ days of annual leave per year.
• Enjoy various welfare programs such as birthday gifts, annual health check-ups, wedding and maternity benefits, and sick leave.
• Receive bonuses on public holidays, Tet, and company events.
• Regular salary reviews in accordance with company policy.
• Company uniforms and gifts for special occasions and events.
• Clear career advancement path, with training and full support for skill development.
• A creative, modern, and professional working environmen