DevOps Engineer

Assurity Trusted Solutions Pte Ltd – Central Singapore

Assurity Trusted Solutions (ATS) is a wholly owned subsidiary of the Government Technology Agency (GovTech). As a Trusted Partner over the last decade, ATS offers a comprehensive suite of products and services ranging from infrastructure and operational services, authentication services, governance and assurance services as well as managed processes. In a dynamic digital and cyber landscape, where trust & collaboration are key, ATS continues to drive mutually beneficial business outcomes through collaboration with GovTech, government agencies and commercial partners to mitigate cyber risks and bolster security postures.

• Automation Champion: Design, implement, and maintain automation scripts and tools to streamline security processes and improve efficiency.
• Security Integration: Integrate security tools and practices seamlessly into the CI/CD pipeline, including static and dynamic application security testing (SAST/DAST), vulnerability scanning, and security configuration management.
• Infrastructure as Code (IaC) Security: Implement security best practices within our IaC frameworks (e.g., Terraform, CloudFormation) to ensure secure infrastructure deployment and management.
• Cloud Security: Architect and implement security controls and best practices within cloud environments (e.g., AWS, GCP), ensuring compliance and protecting sensitive data.
• Threat Modelling and Risk Assessment: Participate in threat modelling exercises and conduct security risk assessments to identify and mitigate potential vulnerabilities.
• Incident Response: Participate in security incident response activities, providing technical expertise and contributing to post-incident analysis.
• Security Monitoring and Logging: Implement and maintain security monitoring and logging solutions to detect and respond to security events.
• Collaboration and Communication: Work closely with development, operations, and security teams to foster a security-conscious culture and provide guidance on secure development practices.
• Compliance and Governance: Assist in ensuring compliance with relevant security standards and regulations.
• Continuous Improvement: Stay current with the latest security trends, technologies, and best practices, and proactively recommend and implement improvements to streamline the automation and improve the security posture.

• Strong understanding of infrastructure design and security, software development lifecycles (SDLC) and agile methodologies.
• Proven experience developing and integrating security tools into automation pipelines (e.g., GitLab, Jenkins, Ansible DevOps).
• Experience integrating security testing tools (e.g. SAST, DAST, SCA, vulnerability scanners).
• Good understanding of cloud security principles and experience securing cloud environments (AWS or GCP).
• Experience with Infrastructure as Code (IaC) tools (e.g., Terraform, CloudFormation) and implementing security within IaC.
• Familiarity with containerization technologies (e.g., Docker, Kubernetes) and their security implications.
• Strong scripting and automation skills (e.g., Python, Go, Bash, PowerShell).
• Excellent problem-solving, analytical, and communication skills.
• Ability to work independently and collaboratively.
• Experience with threat modelling methodologies.
• Knowledge of security frameworks and standard (e.g., NIST CSF, OWASP).
• Experience with security incident response processes.
• Exposure to security compliance frameworks.
• Strong understanding of government central services with the ability to recommend relevant services for cloud-based systems.
• Comprehensive knowledge of standard services available within cloud hosting infrastructure, specifically GCC and GCC+ environments.
• Thorough understanding of the Application Infrastructure Architecture Standard (AIAS) and its application in system design and deployment processes.
• In-depth knowledge of interconnectivity between all government hosting environments, including both cloud-based and on-premises services.

Join us and discover a meaningful and exciting career with Assurity Trusted Solutions!

The remuneration package will commensurate with your qualifications and experience. Interested applicants, please click "Apply Now".

We thank you for your interest and please note that only shortlisted candidates will be notified.

By submitting your application, you agree that your personal data may be collected, used and disclosed by Assurity Trusted Solutions Pte. Ltd. (ATS), GovTech and their service providers and agents in accordance with ATS’s privacy statement which can be found at: https://www.assurity.sg/privacy.html or such other successor site.

• We promote a learning culture and encourage you to grow and learn.
• Annual Leave Benefits with additional perks such as Family Care and Birthday Leave.
• Working in a collaborative environment with helpful team members.