DevSecOps Engineer (Singaporean Only)

We are seeking an experienced and security-conscious Mid-Level DevSecOps Engineer to join our onsite team in Bukit Merah. You will be integral to building, maintaining, and securing the AWS cloud infrastructure and CI/CD processes that support our complex 'mega-app' platform (built with React/React Native frontend and Java/Spring Boot microservices backend). This hands-on role involves managing our production systems on AWS, ensuring their reliability, security, and performance through proactive monitoring, maintenance, patching, and efficient incident response. You will champion DevSecOps best practices, driving automation and security integration throughout the software development lifecycle.

Key Technologies: AWS, Terraform, GitLab CI, SonarQube, OWASP ZAP, Docker, Kubernetes, Bash, PowerShell, Linux

• AWS Infrastructure Management: Design, implement, manage, and optimize secure, scalable, and highly available infrastructure on AWS using Infrastructure as Code (IaC) tools like Terraform or CloudFormation.
• CI/CD Pipeline Enhancement: Build, maintain, and secure CI/CD pipelines for deploying frontend and backend applications, integrating automated security testing (SAST, DAST, SCA) and quality gates.
• Production Monitoring & Alerting: Implement, configure, and manage robust monitoring, logging, and alerting systems (e.g., AWS CloudWatch, Prometheus, Grafana, ELK Stack) for production applications and infrastructure on AWS to ensure uptime and performance.
• System Maintenance & Patching: Plan and execute regular maintenance activities, including security patching for operating systems, containers, and critical software components across the AWS environment, ensuring compliance and minimizing vulnerabilities.
• Production Support & Incident Response: Act as a key resource for supporting production systems; investigate, troubleshoot, and resolve production issues efficiently. Participate in on-call rotation (if applicable) and lead incident response efforts, including root cause analysis and post-mortem reviews.
• Security Integration & Automation: Embed security controls and best practices into the infrastructure and development lifecycle. Automate security checks, vulnerability scanning, and compliance reporting.
• Container Orchestration: Manage and secure containerized applications using Docker and Kubernetes (e.g., AWS EKS).
• Automation & Scripting: Develop scripts (e.g., using Python, Bash) to automate operational tasks, infrastructure provisioning, security remediation, and repetitive maintenance activities.
• Collaboration: Work closely with development teams (Frontend and Backend) to promote a strong DevSecOps culture, providing guidance and support on infrastructure, security, and operational excellence.
• Cost Optimization: Monitor and optimize AWS resource utilization and costs.

• At least 3 years of experience in a DevSecOps, DevOps, SRE, or Cloud Engineering role.
• Strong hands-on experience managing production environments within AWS, including core services like EC2, S3, RDS, VPC, IAM, EKS/ECS, CloudWatch, Route 53.
• Proven experience with Infrastructure as Code (IaC) tools (Terraform or CloudFormation).
• Solid experience designing, building, and managing CI/CD pipelines (e.g., GitLab CI).
• Good understanding of security principles and best practices (e.g., vulnerability management, network security, identity and access management, secure configuration).
• Practical experience with monitoring, logging, and alerting tools and frameworks.
• Proficiency in scripting languages such as Powershell or Bash.
• Experience with Linux system administration, troubleshooting, and patching.
• Demonstrated experience supporting production systems and participating in incident response.

• AWS Certifications (e.g., AWS Certified DevOps Engineer - Professional, AWS Certified Security - Specialty, AWS Certified Solutions Architect - Associate/Professional).
• Experience with specific security tools (e.g., SAST: SonarQube; DAST: OWASP ZAP; SCA: Snyk, Dependabot; SIEM).
• Relevant security certifications (e.g., CISSP, GSEC).
• Experience with configuration management tools (e.g., Ansible).
• Deeper knowledge of networking concepts (Load Balancing, WAF, Security Groups).
• Experience securing Java/Spring Boot applications and microservices environments.

• You possess strong analytical and problem-solving skills, essential for troubleshooting complex production issues.
• You have a security-first mindset and are passionate about building secure and resilient systems.
• You demonstrate meticulous attention to detail in infrastructure configuration, security settings, and operational procedures.
• You are a collaborative team player, able to communicate effectively with both technical and non-technical stakeholders.
• You thrive on automation and continuously seek ways to improve efficiency and reduce manual effort.
• You remain calm and effective under pressure, particularly during incident response situations.

• Competitive remuneration package
• Flexible work schedule and remote work options
• Career progression opportunities
• Medical Insurance Coverage
• Open & Transparent Culture with a flat hierarchy

Interested candidates, please submit your application to join.sandp1t.com

1. After submitting your application, we will personally review it.
2. If your profile passes the review, you will be invited for a technical interview with the hiring manager. The interview will be a 30-minute session where we will discuss your experience and knowledge in the field.
3. Based on the outcome of the interview, the hiring manager will decide if you are suitable for the position. If that's the case, our HR team will contact you with an offer and the next steps.