DevSecOps Engineer

Join to apply for the DevSecOps Engineer role at Steenbok Pte Ltd . 2 days ago – be among the first 25 applicants. Our client is a dynamic small‐medium enterprise (SME) IT vendor in Singapore dedicated to serving critical projects within the public sector. Our success hinges on agility and commitment to quality delivery. Key Success Factors Willingness to Learn: You must be eager to rapidly learn and master diverse technologies, especially those dictated by our public sector clients' specific environments and tech stacks. Agility to Adapt: You need to quickly adjust security strategies and automation workflows to fit unique, client‐dependent development pipelines and deployment models. Key Responsibilities Integrate Security into CI/CD Pipelines: Design, implement, and maintain security tools (SAST, DAST, SCA, etc.) within client‐specific Continuous Integration/Continuous Deployment (CI/CD) workflows, ensuring security gates are non‐disruptive yet effective, despite the dependency on client‐mandated tooling. Develop and Maintain Infrastructure‐as‐Code (IaC) Security: Write and secure IaC (e.g., Terraform, Ansible) to provision and manage cloud infrastructure (AWS/Azure/GCP, or on‐premise) in compliance with public sector security standards and hardening guidelines. Conduct Security Assessments and Hardening: Perform security reviews, vulnerability scanning, and hardening of application and infrastructure components across various client technology stacks. Translate client security requirements into actionable engineering tasks. Automate Security Operations: Develop scripts and automation tools to streamline security tasks, incident response, and compliance checks (e.g., auto‐remediation, automated patching), reducing manual effort and increasing the speed of secure deployments. Serve as a Security Evangelist: Collaborate closely with development and operations teams to champion DevSecOps principles, provide security training, and embed a security‐first culture that respects the constraints and architecture choices imposed by client environments. Key Requirements Proven DevSecOps Tooling Experience: Solid experience with relevant DevSecOps tools (e.g., Jenkins/GitLab CI, Docker, Kubernetes, Ansible/Terraform, and security scanning tools), and the ability to pivot to new/client‐mandated tools quickly. Coding and Scripting Proficiency: Strong skills in at least one scripting language (e.g., Python, Bash) to develop custom automation and integrate security tools via APIs. Security and Compliance Knowledge: Familiarity with common security standards, controls (e.g., CIS Benchmarks, OWASP Top 10), and the specific compliance requirements typical of the Singapore public sector environment. Cloud/Container Security Experience: Practical experience securing common public cloud environments (AWS, Azure, or GCP) and container orchestration platforms (Kubernetes, OpenShift). Problem‐Solving and Communication Skills: Excellent analytical skills to troubleshoot complex, cross‐functional security issues, and strong verbal/written communication to explain risks and solutions to both technical and non‐technical stakeholders (including client teams). If you're ready to take on the challenge of securing high‐stakes public sector systems in a fast‐paced, adaptive SME environment, apply nowWhat's on Offer Work within a company with a solid track record of success Work alongside & learn from best in class talent Great work environment Seniority level Entry level Employment type Full‐time Job function Engineering and Information Technology Industries IT Services and IT Consulting, Business Consulting and Services, and Financial Services Location Singapore Referrals increase your chances of interviewing at Steenbok Pte Ltd by 2x. #J-18808-Ljbffr