DevSecOps Engineer

About Capgemini Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem. The Group reported 2024 global revenues of €22.1 billion.What You Will Be Working On As the DevSecOps Engineer, you will lead and embed security-first practices across CI/CD, cloud infrastructure, and runtime environments.DevSecOps / Security Enablement Embed security controls in CI/CD pipelines (e.g., SAST, DAST, dependency checks, container scans). Automate enforcement of security policies (e.g., secret detection, SBOM generation, license policy gates). Collaborate with DOE Lead and CISO to implement compliance controls (NIST, Singapore Government standards). Integrate tools like SonarQube, Trivy, Snyk, Checkov, or custom scanners into pipelines. Maintain infrastructure hardening and secure baseline templates (e.g., CIS benchmarks, AMI/Container baselines). Co-own audit and logging configurations (e.g., CloudTrail, Security Hub, WAF logs, GuardDuty alerts). Cloud Infrastructure & CICD Operations Maintain and improve secure, automated CICD pipelines. Define IaC security validation steps (e.g., Terraform policy-as-code with OPA or Checkov). Implement backup, DR, and secrets management workflows in alignment with platform guardrails. Support runtime observability with secure logging and alerting pipelines (e.g., ELK/Opensearch, Prometheus, Grafana). Day 2 Operations Collaboration Support vulnerability triage and incident response processes. Maintain operational runbooks with security context for SRE rotations. Contribute to secure service rollout (mTLS, ALB/NLB policies, header validations, etc.). Collaborate to address hardening gaps in Day 2 operations. What We Are Looking For 4-6 years of combined DevOps/Security Engineering experience. Hands-on experience in securing AWS cloud infrastructure (IAM, KMS, GuardDuty, WAF). Hands-on experience in commercial security tools (Next GEN Firewalls, Database Activity Monitoring). Proven experience integrating security checks into GitOps / CI pipelines (e.g., GitLab CI, GitHub Actions, Jenkins). Solid experience with container security: Docker image scanning, Kubernetes RBAC, admission controllers. Proficiency in scripting (Bash, Python, or similar) for automation. Familiarity with compliance requirements: NIST 800‑53, CIS benchmarks. Strong diagnostic skills, especially in cloud networking, TLS configurations, and log analysis. Experience with IaC (Terraform/Helm), GitOps, and configuration management. Bonus: Experience conducting or responding to security audits or VAPT findings. Let's talk about what's in it for you Passionate people are Capgemini's Ace of Spades - join us to discover a career that will challenge, support and inspire you. Working at Capgemini you'll find the rewards are more than just financial. You will work alongside some very smart and inspiring people on exciting projects and you will also enjoy incredible benefits. We offer flexible work practices and 40 hours of self-development every year with a huge selection of learning opportunities to choose from.As "Architects of Positive Futures" , Capgemini actively supports the community in 3 ways:Diversity and Inclusion - we believe diversity of thought fuels excellence and innovation, which is why we positively encourage applications from suitably qualified candidates regardless of their gender identity, ethnicity, sexual orientation, religion, ability, intersex status or age. To support our commitment to diversity and inclusion, we celebrate special events and days of significance that are important to our employees such as Diwali, Bastille Day, Pride, IDAHOBIT, IWD and International day of people with Disabilities. Our Employee Resource Groups and OutFront support the grassroots passion of employees to drive our diversity agenda and effect change.Digital inclusion - at Capgemini we are using our skills to drive social impact initiatives focusing on helping society address the impact of the digital and automation revolution. We also provide employees with opportunities to give back to the community through charity projects and volunteer days.Environmental Sustainability - Capgemini joined the CDP's (Carbon Disclosure Project) prestigious "A list" for its commitment to the Net-Zero economy. We are focusing on helping our clients transform towards more sustainable business models and committing to reduce our own carbon emissions (GHG) by 20% per employee by 2020.Recognized by Ethisphere as one of the World's Most Ethical Companies for the last 8 years in a row, ethics and values are at the heart of Capgemini's corporate culture and business. Embedded in our DNA, our seven values - Honesty, Boldness, Trust, Team Spirit, Freedom, Fun and Modesty - have remained the same since company inception in 1967. To see how we bring these values to life, click here to listen to some of our employee's stories.Come join us, bring your whole self to work, create new possibilities for you, your customers and your community and help us to be Architects of Positive Futures.