DevOps Engineer

OPSWAT Inc.

Job Overview

Location

Ho Chi Minh City, Ho Chi Minh City, Vietnam

Job Type

Full-time

Full Job Description

📋 Description

• Join the infrastructure team behind MDaaS — a real-time malware scanning platform handling 30M+ requests/day, built on AWS, Kubernetes, and event streaming. This role is critical to ensuring the security, scalability, and reliability of OPSWAT’s critical infrastructure cybersecurity platform that protects over 1,700 organizations globally.
• You will deploy and maintain workloads on EKS via ArgoCD, write and update Helm charts and Kustomize overlays, triage alerts from Prometheus/Grafana/Coralogix, manage Terraform changes for EKS, MSK, ALB, and IAM, maintain CI/CD pipelines on Bitbucket Pipelines and GitHub Actions, configure KEDA ScaledObjects for Kafka/RabbitMQ, triage CVEs with CVSS ≥ 7.0, rotate secrets, enforce no-hardcoded-credentials policies, document infrastructure changes, participate in on-call rotation, and research new tools to improve system reliability, scalability, and security.
• You will work within an agile scrum team as part of OPSWAT’s infrastructure team, owning infrastructure-as-code, CI/CD pipelines, and observability. Security and compliance are first-class requirements, not afterthoughts, in a company that has spent 20 years innovating in IT, OT, and ICS cybersecurity to protect critical infrastructure worldwide.
• In this role, you will deepen your expertise in cloud-native infrastructure, GitOps, security automation, and observability at scale. You will gain hands-on experience with enterprise-grade Kubernetes, AWS services, Terraform, and AI-assisted tooling, while contributing to a platform that processes 30M+ malware scans daily — directly impacting global cybersecurity resilience.

🎯 Requirements

• BA/BS in Computer Science, Engineering, or equivalent hands-on experience
• Strong verbal and written communication in English
• AWS hands-on: EKS, ECR, IAM/IRSA, MSK, S3, ALB, VPC, Security Groups
• Terraform: write modules, manage remote state, integrate with CI
• Kubernetes: RBAC, ingress, network policies, HPA, resource tuning — cluster management via Rancher or K9s
• Helm + Ansible: author charts and playbooks, manage versioning
• Docker: multi-stage builds, image optimization
• Linux/Windows systems administration
• Bitbucket Pipelines, GitHub Actions, or TeamCity — write and maintain, not just use
• ArgoCD: sync policy, health checks, rollback
• Prometheus, Grafana, CloudWatch, Elasticsearch — setup and maintain
• Structured logging, alert routing, dashboard authoring
• Least privilege: IAM, IRSA, K8s RBAC — no wildcard permissions
• Secret management: External Secrets / AWS Secrets Manager, zero hardcoded credentials
• Supply chain: dependency scanning (Blackduck / Snyk / Trivy), CVE triage by CVSS score
• Network segmentation: private subnets, Security Groups, ingress/egress control
• Working knowledge of ISO/IEC 27001 and SOC 2 Type II — access control, audit trail, change management
• Familiar with CIS Benchmarks for Kubernetes and Linux hardening
• Python and/or Go — scripting, tooling, automation
• Able to read Node.js/TypeScript code to debug service issues independently
• Actively uses AI coding tools (GitHub Copilot, Cursor, Claude) in daily workflow — writing scripts, Terraform modules, Helm templates, and debugging
• Knows how to prompt effectively, verify AI output, and not blindly trust generated infrastructure code

🏖️ Benefits

• Opportunity to work on a high-impact platform processing 30M+ malware scanning requests per day
• Work with cutting-edge cloud-native technologies: AWS, Kubernetes, Terraform, ArgoCD, Helm, KEDA, and AI-assisted DevOps tooling
• Collaborative agile scrum environment with ownership over infrastructure-as-code, CI/CD, and observability
• Strong focus on security and compliance as first-class requirements — gain real-world experience with ISO/IEC 27001, SOC 2, CIS Benchmarks
• Exposure to enterprise-grade security tooling: Blackduck, Trivy, External Secrets Operator, Coralogix
• On-call rotation with incident response, post-mortems, and runbook updates — builds deep operational expertise
• Encouragement to research, prototype, and propose adoption of new tools to improve system reliability, scalability, and security
• Equal opportunity employer committed to diversity and inclusion — all employment decisions based on individual qualifications and business needs

Skills & Technologies

Python

JavaScript

TypeScript

Node.js

Elasticsearch

DevOps

Remote

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

OPSWAT Inc.

Visit Website

About OPSWAT Inc.

OPSWAT is a global cybersecurity company that provides solutions to protect organizations from malware and zero-day threats. Their technology focuses on deep content inspection, vulnerability management, and threat intelligence. OPSWAT's platform is used by governments and enterprises worldwide to secure their IT infrastructure, including endpoints, networks, and cloud environments. They offer a comprehensive suite of products designed to detect, prevent, and remediate cyber threats, ensuring data security and operational continuity. The company's core mission is to foster a secure digital world by delivering advanced cybersecurity technologies and services.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.