(Senior) DevOps / DevSecOps Engineer at Bowtie Life Insurance Company Limited (Hong Kong)
Location: Hong Kong
Type: Full Time
Created: 2021-07-07 05:01:14
Bowtie (https://www.bowtie.com.hk) is a forward-thinking startup and an authorized virtual insurance company based in Hong Kong.
We are looking for a strong DevOps/ DevSecOps engineer with a passion to make insurance and healthcare better to join us.
What problems will you solve?
As a DevOps/DevSecOps engineer in Bowtie, you will be leading and working on taking the predictability, efficiency, and security of software development to the highest level possible through automation / tooling, enhancing code quality, and address reliability assurance issue.
What technologies do we work with?
Our engineers are primarily using Python, ReactJS, Typescript (to a lesser extend), and AWS (more info over here). but we are always open to adopt different technologies/tools if they are more well-suited for the purpose and can be cost-effectively added to our current stacks.
What will you day-to-day look like?
Our engineers never work in silo. You will be working in a cross-functional team that’s responsible for the full software development life cycle, from conception to deployment. You will be directly interacting with teammates from different departments. Your primary focus areas include:
- You will maintain and improve the reliability of the Cloud infrastructure by building and optimising CI/CD pipelines and automation
- You will function as a cybersecurity player in the DevSecOps lifecycle, providing technical support for all aspects of the security life cycle for operation and engineering teams
- As appropriate, you will be doing Architecture reviews and Threat Modeling of critical engineering work
- You will help us scale the capacity and capability of the security team through automation, documentation, and safe default templating. One of our mottos is 'Never the same bug twice'. This is, undoubtedly, the most important way for us to scale default safely
- As developers interact with critical code paths, you will be asked to provide code reviews and feedback on the proposed changes
- You will review, pentest, and analyze existing code bases to uncover vulnerabilities, and resolve them altogether with our software engineers. You will also maintain the secure coding standard, and guarantee its effectiveness by automations in software development lifecycle
- Besides everything that happens with platforms and softwares, you are also responsible for safeguarding our internal operations
While communication is crucial, we do appreciate that engineers need quiet and disturbance-free environment to be the most productive. We make arrangement to let our engineers to work-from-home since our early days and we have a flexible hours policies that let people work on their schedule as long as they can effectively collaborate with different parties.
What kind of profile are we looking for?
We value skills, experiences and cultural fit equally.
If you enjoy and have 3+ years of experience in:
- Programming or ability in one of our core languages. At current inventory, we use NodeJS and Python mainly. You don't need to be a whiz, but we expect you to be able to write enough to push out fixes and simple features.
- Strong understanding of AWS services and architectures, with a Association or higher certification in AWS a plus
- Knowledge in Google Workspace and CI/CD tools like CircleCI is a plus.
- Fluency in a risk and threat modelling methodology. You don't need to be able to rattle off everything in the CWE as you iterate through STRIDE, but structure and fluidity in your analyses will really help you communicate efficiently across teams.
- Mobile or Web Application Security experience. Be it source code audit, penetration testing, bug bounty triage, or code reviews, you'll be expected to examine code with security critical eyes.
- Strong written and verbal communication skills, specifically on security topics. The work our team does is consumed by a startling number of audiences, so being able to effectively communicate across those people will be invaluable in stopping confusion and saving roundtrips.
And, you take pride in:
- Making software development and roll out process as soon and bug-free as possible!
- Understanding how things work - operations, networks, infrastructure and codes
- Improving software development process and enhancing / upgrading tools/ softwares
- Writing code that is well-tested, easily understood and maintainable by others
- Energetic personality and good team player - we move fast and we leave no one behind!
We work together as a team and our engineers never work in silos.
Cross-team collaboration is the key ingredient to our success. As an engineer at Bowtie, you will be participating in meetings with different stakeholders and a cross-functional project team from early on in the product development process. This is to make sure that engineering challenges / barriers will be uncovered and discussed at an early stage of design/decision making.
We are on a constant search for better ways to operate. At the moment, we are exploring the benefit of the 6-week sprint cycle from Basecamp. But we are always happy to take on new suggestions and discover alternative options.
We are a lean team, but we have built / are building some big softwares that take other hundreds of engineers and years to build.
Besides operating an online insurance platform, Bowtie has recently launched Bow Coffee, a cafe right below our office and is launching Bowtie JP Health, a clinic that also offers revolutionary preventive healthcare services to people in Hong Kong.
If you are looking to join a multi-award winning team (HKICT Fintech Award Winner of 2017, Hong Kong Insurance Award 2020, just to name a few) that has been featured and recognised by tech companies, such as AWS, get in touch today!
Information collected will be treated in strict confidence and used solely for recruitment purposes.
The company will retain all applications no longer than 24 months of which will be destroyed thereafter.
We are an equal opportunity employer. We do not discriminate on the basis of race, sex, disability or family status in employment process.