Trendyol Group is hiring a
DevSecOps Engineer

Summary

The job is for a Security Engineer at Trendyol, a fast-growing e-commerce company. The role involves implementing security controls in SDLC and Software Supply Chain, collaborating with teams on security best practices, developing tools/scripts, and contributing to the community by finding vulnerabilities.

Requirements

• Being an agile minded team player
• Eagerness on self-improvement, open-minded, future-oriented
• Knowledge of the following: OWASP TOP 10 K8S, OWASP TOP 10 CI/CD, OWASP TOP 10 and OWASP ASVS
• Technical Knowledge of following Secure SDLC practices and execution: Secure Coding Educations, Security Tool Integration CI/CD(like SAST, SCA, IaC, IAST, ASO, CS), Threat Modelling, etc
• Technical Knowledge of Software Supply Chain Security concept and requirements: Dependency Management, CI/CD Posture Security, etc
• Technical Knowledge of container, container orchestration platforms and common cloud technologies: Preparation of Vulnerability-Free Container Images, Image Signing, Kubernetes Policy Management, CNAPP, GitOps etc
• Development experience for repeatable tasks with any popular language go, python, bash, etc
• Technical Knowledge of understanding vulnerability risks & remediations

Responsibilities

• Collaborate with the Development and DevOps teams to implement security controls in the SDLC (Software Development Life Cycle) and Software Supply Chain
• Secure Coding Development, Threat Modelling, Security Tool Management in CI/CD (SAST, DAST, SCA, IaC, CS, ASO, IAST, etc.), CI/CD Posture Security, Dependency Management, etc
• Collaborate with the DevOps team to implement security best practice on container, Kubernetes and cloud environment
• Secure Container Images, Container Orchestration Policy Management, Mesh, Vault, Git etc
• Develop tools/scripts for repeatable application security task
• Discovering web application assests and scanning periodically
• Community contribution like developing tools, finding vulnerabilities on public projects, etc

Benefits

• Take responsibility from day one and develop skills with a talented and diverse international team
• Experience open communication, flexibility, and a start-up spirit in our unique culture
• Tackle big challenges in e-commerce with Agile practices and encourage growth by learning from mistakes
• Join creative and focused teams that prioritize collaboration and problem-solving
• Access our extensive training platform for continuous learning and personal growth
• Benefit from the support of a global team of experts with mentoring and professional development opportunities
• Connect with teammates regardless of physical distance through events, meetings, and social activities
• Enjoy competitive benefits such as Trendyol shopping budget, central and international office locations, and top-of-the-line technical equipment
• We offer the opportunity for a two-month full remote work program, allowing you to work from abroad, during the summer period (July to August)